Other jihadist groups are reported to be taking a page from ISIS's social media playbook, conducting "money jihad" fundraisers over Twitter (so far without ISIS's growing OPSEC wariness).
Researchers are looking into a bug in VMware's ESXi hypervisor that could corrupt virtual machines. VMware knows about the problem and addressed it with an advisory early last month; Veeam and other firms are evaluating the adequacy of the fix.
CSO reports that Apple's XProtect fix for the iWorm may be incomplete. The Rootpipe OS X vulnerability continues to induce security headaches. (Rootpipe could be exploited to give attackers control of Macs without the need to enter a password.) These issues, as well as the WireLurker malware Palo Alto finds infecting Apple devices in China, move many observers to predict a coming era of insecurity for Apple users.
A version of the Dridex banking malware revives an old-school attack technique: infected MS Word macros.
eSecurity Planet draws a lesson from Shellshock and extends it to other software with deep pre-Internet roots. What were features in the old days are dangerously buggy in today's connected world.
Samsung answers NIST's warning about the alleged vulnerability in the manufacturer's Find My Mobile service.
Vectra Networks wonders what attackers do after they're inside a network's perimeter, and looks at five months' worth of incident data to see what's trending. Command and control is the most common activity, exfiltration the least.
Raytheon buys Blackbird Technologies.
The Chinese ambassador to the US accuses the Americans of cyber bad faith.
Today's issue includes events affecting Brazil, China, Colombia, India, Israel, Japan, Netherlands, Palestinian Territories, Russia, South Africa, Spain, United Kingdom, United States, and Vietnam.
Dateline Columbia, Maryland: the National Initiative for Cybersecurity Education conference
NICE Conference and Expo(Federal Business Council) Cybersecurity has emerged as one of the leading creators of jobs and opportunity for all economic sectors. An ecosystem of technology providers, policy makers, legal expertise, banking, insurance, devices, educational programs and devices have emerged to deal with the cyber security issues that have become commonplace. In turn, the marketplace has responded by demanding a new workforce capable of taking on this challenge
NICE Cyber Education Map(National Initiative for Cybersecurity Education) The NICE Cyber Education Map is an interactive map that highlights schools, teachers, companies and agencies supporting Cyber Education in America
Live Threat Map(Norse) Norse delivers continuously-updated, unique Internet and darknet attack intelligence that helps organizations block attacks that other systems miss. The Norse live attack map is a visualization of a tiny portion (<1%) of the data processed by the Norse DarkMatter™ platform every day
Professionalizing Cybersecurity: A path to universal standards and status(Pell Center for International Relations and Public Policy) The Internet, together with the information communications technology (ICT) that underpins it, has revolutionized our world and opened new opportunities for the global economy and civilization at large. Our reliance on this complex infrastructure, however, has also exposed new vulnerabilities and opened the door to a wide range of nefarious cyber activities by a spectrum of hackers, criminals, terrorists, state and non-state actors
Gaza Jihadis Launch Twitter Fundraising Drives To Arm And Supply Their Men(MEMRI) Salafi-jihadi groups in the Gaza Strip have recently launched Twitter fundraising campaigns to finance their activities, with the stated goal of purchasing weapons and ammunition, paying jihad fighters' salaries, financing military activity, and otherwise aiding in waging the war against Israel. The campaigns remind supporters that the "money jihad" is religiously important and propagate the idea that while it is not equal to active participation in jihad, assisting the jihad via financial contributions is still a religious obligation
VMware's ESXi Has Backup Bug(InformationWeek) The version of VMware's hypervisor that's embedded in shipping servers has a bug that under certain circumstances corrupts backup virtual machines
Malware Discovered In China Could Herald 'New Era' Of iOS And Mac Threats(TechCrunch) Conventional wisdom suggests that the vast majority of mobile malware cases impact Android devices. Or at least that those who do not jailbreak their iPhones are safe from most threats — even Apple CEO Tim Cook has bashed Android for "dominating" the mobile malware market. Yet a new virus found in China by US-based researchers could herald the first serious security threat to Apple devices
Nov 5 Root Cause Analysis of CVE-2014-1772 — An Internet Explorer Use After Free Vulnerability(TrendLabs Security Intelligence Blog) We see many kinds of vulnerabilities on a regular basis. These range from use-after-free (UAF) vulnerabilities, to type confusion, to buffer overflows, to cross-site scripting (XSS) attacks. It's rather interesting to understand the root cause of each of these vulnerability types, so we looked at the root cause of an Internet Explorer vulnerability — CVE-2014-1772
Is Shellshock a Feature, not a Bug?(eSecurity Planet) The Shellshock flaw highlights a major security issue. Software created before mass adoption of the Internet is highly susceptible to today's security risks
Experts troubled by Drupal's latest security snafu(FierceContentManagement) Drupal's latest cyberattack may have affected as many as 12 million websites, leaving security experts concerned that similar future exploits could create a ripple effect compromising thousands more sites
Still Spamming After All These Years(KrebsOnSecurity) A long trail of spam, dodgy domains and hijacked Internet addresses leads back to a 37-year-old junk email purveyor in San Diego who was the first alleged spammer to have been criminally prosecuted 13 years ago for blasting unsolicited commercial email
Samsung Fires Back at NIST, Says Find my Mobile Service Safe(Threatpost) Samsung this week tried to quell recent reports that its Find My Mobile service is vulnerable to hacking, firing back at NIST (National Institute of Standards and Technology) who warned last month that the feature could be exploited
What attackers do after bypassing perimeter defenses(Help Net Security) Vectra Networks collected data over five months from more than 100,000 hosts within sample organizations to gain a deeper understanding of breaches that inevitably bypass perimeter defenses, and what attackers do once inside networks
Reflected File Download a New Web Attack Vector(Trustwave's SpiderLabs) Attackers would LOVE having the ability to upload executable files to domains like Google.com and Bing.com. How cool would it be for them if their files are downloaded without ever being uploaded! Yes, download without upload! RFD is a new web based attack that extends reflected attacks beyond the context of the web browser. Attackers can build malicious URLs which once accessed, download files, and store them with any desired extension, giving a new malicious meaning to reflected input, even if it is properly escaped. Moreover, this attack allows running shell commands on the victim's computer
Tearing down CryptoWall(Cylance) There are not many things that can ruin a day as much as an attacker holding your files for ransom. There are feelings of violation, as they have clearly tampered with your private data, a pit in your stomach when you see how much it will cost to get your files back, and overwhelming guilt as you weigh the pros and cons of actually paying these low life criminals. Many have been feeling these emotions lately as CryptoWall has been on the rise, most recently with the campaign infecting users via malvertising on sites such as Yahoo and AOL
Which Government Websites Host the Most Phishing Attacks?(Cyveillance Blog) Last month we shared some data from a year's worth of collected phishing URLs. In that post, we described the relationship between Alexa rankings and the likelihood that a URL leads to a phishing attack. In this post we'll examine another insight gained from examining that data
Guy Fawkes Night special: The ultimate 2014 guide to hacking and cyber terrorism(IT Pro Portal) It's now over 409 years since Guy Fawkes and his band of conspirators plotted to blow up the Houses of Parliament with King James I inside. Since then, the world of crime and terrorism has come a long way, and perhaps a modern day Guy Fawkes would be more interested in hacking the parliamentary computer system rather than blowing it to pieces
Cyber Espionage — China in the Crosshairs(Check and Secure) The business world is getting bigger and it is long since known that in this globalised world, the markets in the far east are of vital importance to any company wanting to expand internationally
Alaska's Online Voting Leaves Cybersecurity Experts Worried(IEEE Spectrum) Some Americans who lined up at the ballot boxes on Tuesday may have wished for the convenience of online voting. But cybersecurity experts continue to argue that such systems would be vulnerable to vote tampering — warnings that did not stop Alaska from allowing voters to cast electronic ballots in a major election that had both a Senate seat and the governorship up for grabs
Is Easy WiFi Access Putting You at Risk?(Tripwire: The State of Security) Throughout National Cyber Security Awareness Month (NCSAM), I must admit I realized I was reading the same advice we have always pushed out — the same obvious methodologies and procedures to help keep us all nice and secure
Are today's leaders prepared for cyberwarfare?(Australian Broadcasting Corporation) One reason the First World War got so bogged down over four years was that generals used to 19th century warfare took so long to understand the new technologies of air and tank warfare
Mobile security breaches impacted 68% of organizations(Help Net Security) Mobile security breaches have affected 68 percent of organizations in the last 12 months, according to a new global study from BT. Despite this, organizations are still not taking sufficient security measures to protect themselves against mobile threats, such as lost or stolen devices and malware infections
Security issues in collaboration platforms(Help Net Security) CipherPoint revealed the results of its second annual survey on security issues in collaboration platforms such as Microsoft SharePoint, Office 365, and Google Apps
Cyber security is essential in today’s marketplace(National Journal) On 5 November, Francis Maude, Minister for the Cabinet Office with responsibility for the UK Cyber Security Strategy, co-hosted a summit of CEOs from the UK's insurance sector in conjunction with Marsh, the insurance broker and risk adviser, to discuss how the sector can help ensure that the UK is one of the safest places to do business in cyberspace
FireEye's (FEYE) Disappointing Third Quarter Hits Cyber Security Stock Hard(Equities) Cyber security has been a particularly hot topic over the last year. When Target (TGT) had to admit that millions of credit card numbers had been compromised, it seemed like the retailer was in hot water — and it was. Yet, at this point, enough major box stores have admitted to similar security breaches that not having one could just as easily be a sign a store has failed to expose their leak rather than it not existing
Debunking the BlackBerry Security Myth(Seeking Alpha) Let me start by saying BlackBerry's (NASDAQ:BBRY) security for mobile devices and MDM is top-notch. No one is debating that, and in fact, BlackBerry has had likely the best mobile security for quite some time
Palerra Emerges From Stealth, Changes Its Names And Jumps On The Security Bandwagon(Forbes) I'm always a little dubious about companies that change their names even before they launch. It seems a little presumptuous to me and, in my view, plays to the Silicon Valley bubble where a good name and sufficient use of buzzwords gives a company a better chance of success. Despite my skepticism, it's worth having a look at newly emerged Palerra, which is also newly renamed from its previous incarnation as Apprity
Symantec and Deloitte establish Cyber Security Alliance to include Middle East(Albawaba) Symantec Corp. in alliance with Deloitte announced today an innovative cyber threat vulnerability management service. The integrated offering will pair Symantec's cyber intelligence and information protection technologies with Deloitte's consulting services to help businesses address concerns around cyber security and information protection. The alliance will focus on growth markets across EMEA, including Middle East as a priority region given it is a hub of targeted cyber crime activity
Safe-T Appoints Derek Schwartz as CEO(PRNewswire) Safe-T Data, the provider of Unified Secure Data Exchange Solutions designed to securely bridge the gap between the Enterprise and The Cloud, announced today the appointment of Derek Schwartz as CEO. In his role, Mr. Schwartz will lead Safe-T and be responsible for growing Safe-T's business around the world with a strong focus on the Americas, while continuing to deliver innovative products to market
Microsoft releases free Antimalware for Azure(ZDNet) The service, using the same engine and signatures as Microsoft's other offerings, is now available to most Azure virtual machines. The software is free, but use of it may cost money
Halcyon Tackles IBM i Security with New Products(IT Jungle) Halcyon Software moved further into the IBM i security business last month with the release of two new products, including Exit Point Manager and Password Reset Manager. The new software will help organizations secure their IBM i environments, while giving Halcyon additional products to sell to its customer base
Boeing tests new cyber warfare anti-jamming technology(Examiner) A Boeing release this morning out of El Segundo, California, indicates the 98-year-old multi-faceted aerospace company has just completed a successful test of new anti-jamming technology. The unnamed piece of equipment will enable the military to send and receive secure communications using either ground-based or satellite-based networking hubs
ZMap 1.2.1 — The Internet Scanner(Kitploit) ZMap is an open-source network scanner that enables researchers to easily perform Internet-wide network studies. With a single machine and a well provisioned network uplink, ZMap is capable of performing a complete scan of the IPv4 address space in under 45 minutes, approaching the theoretical limit of gigabit Ethernet
Stem the Onslaught of System Wide Attacks (Sarbanes-Oxley Compliance Journal) "By introducing this service, American Express confirms that contemporary data-centric security approaches are necessary to stem the onslaught of system-wide attacks that traditional payment card data defenses cannot sustain on their own," said Mark Bower, Vice President of Product Management, Voltage Security
Getting Inside the Adversary's OODA Loop: Automation and Information Sharing for Cyber Defense(The CyberWire) The CyberWire interviewed Mr. Philip Quade, Chief Operating Officer of NSA's Information Assurance Directorate, who participated in SINET ITSEF 2014. The NSA's Information Assurance Directorate is responsible for the security of US national security systems. He shared his views on Active Cyber Defense, and how it depends upon automation and information sharing for a risk-based approach to Sensing, Sense-making, Decision-making, and Acting in cyberspace
Legislation, Policy, and Regulation
This Country Is Sending the U.S. a Strong Message About NSA Surveillance(Blaze) Brazilian President Dilma Rousseff doesn't approve of the U.S. National Security Agency's surveillance techniques. She's making that much clear by overseeing the construction of a $185 million overseas fiber-optic cable which will stretch across the Atlantic Ocean from Fortaleza, Brazil to Lisbon, Portugal
Spy Chiefs Launch Operation Social Media (Bloomberg View) There is no doubt that Robert Hannigan, the newly appointed chief of the U.K.'s electronic intelligence agency, GCHQ, wants social networks such as Facebook and Twitter to cooperate more closely with his agency. The big question is why he wants to tell them that in public
NSA Director Says Agency Shares Vast Majority of Bugs it Finds(Threatpost) When the National Security Agency discovers a new vulnerability that looks like it might be of use in penetrating target networks, the agency considers a number of factors, including how popular the affected software is and where it's typically deployed, before deciding whether to share the new bug. The agency shares most of the bugs it finds, NSA Director Mike Rogers said, but not all of them
Why Mark Udall's Senate Defeat In Colorado Could Slow NSA Reforms(International Business Times) Senator Mark Udall, D-Colo., has been one of the most vocal critics of U.S. intelligence agencies since before anyone ever heard of Edward Snowden. The senator has blasted the National Security Agency, CIA and FBI all while trying to walk the tightrope between transparency and security. Now that he's been voted out of office, critics of America's national security policy are wondering what happens next
Alleged Russian hacker one step closer to facing justice in U.S.(CBS News) The Dutch government has approved the extradition to the United States of a Russian citizen accused of participating in a hacking ring that penetrated computer networks of more than a dozen corporations and stole at least 160 million credit and debit card numbers
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
POC2014(Seoul, Republic of Korea, November 4 - 7, 2014) POC (Power of Community) started in 2006 and has been organized by Korean hackers & security experts. It is an international security & hacking conference in Korea. POC doesn't pursue money. POC concentrates...
Managing BYOD & Enterprise Mobility USA 2014(San Francisco, California, USA, November 5 - 6, 2014) The Managing BYOD & Mobility USA 2014 conference will provide a unique networking platform, bringing together top executives from USA and beyond. They come together not only to address mobility challenges...
RiseCON 2014(Rosario, Santa Fe, Argentina, November 6 - 7, 2014) Rosario Information Security Conference: the first and largest information security and hacking event held in the city of Rosario, of international standing and significance
Israel HLS 2014(Tel Aviv, Israel, November 9 - 12, 2014) The third International Conference on Homeland Security will bring together government officials, public authorities, and HLS industry leaders from around the world to share their knowledge and experience.
i-Society 2014(London, England, UK, November 10 - 12, 2014) i-Society 2014 is a global knowledge-enriched collaborative effort that has its roots from both academia and industry. The conference covers a wide spectrum of topics that relate to information society,...
Seattle SecureWorld(Seattle, Washington, USA, November 12 - 13, 2014) Offering two days of cyber security education. Earn 12-16 CPE credits, network with industry peers, and take advantage of more than sixty educational events. Over the past decade SecureWorld has emerged...
AVAR 2014 The 17th Association of anti-Virus Asia Researchers International Conference: Security Down Under. Topics will include case studies of targeted attacks, real-life attack demonstrations, web-inject attacks/code...
ZeroNights 2014(Moscow, Russia, November 13 - 14, 2014) ZeroNights is an international conference dedicated to the practical side of information security. It will show new attack methods and threats, showcase new possibilities of attack and defense, and suggest...
Cyber Security Awareness Week Conference(New York, New York, USA, November 13 - 15, 2014) Get ready for CSAW: the largest student-run cyber security event in the nation, with a research conference that attracts some of the biggest names in the industry, and a career fair with an impressive...
Ground Zero Summit, India(New Delhi, India, November 13 - 16, 2014) Ground Zero Summit (GOS) 2014 in its second year promises to be Asia's largest Information Security gathering and proposes to be the ultimate platform for showcasing researches and sharing knowledge in...
Deepsec 2014(Vienna, Austria, November 18 - 21, 2014) DeepSec is an annual European two-day in-depth conference on computer, network, and application security. This is a non-product, non-vendor-biased conference event. Our aim is to present the best research...
BugCON(Mexico City, Mexico, November 19, 2014) BugCON Security Conference is a hardcore technical conference focused on the technical side of the security. Running since 2008 BugCON is the oldest forum where researchers, students and professionals shows...
Navy Now Forum: Admiral Rogers(Washington, DC, USA, November 19, 2014) Leaders from the Navy will present new initiatives in-depth, providing the audience with a thorough knowledge of the Navy's future plans. During the luncheon, military personnel and industry leadership...
International Cyber Warfare and Security Conference(Ankara, Turkey, November 19 - 20, 2014) In-depth discussions will cover: new emerging threats and challenges on cyber warfare, the policy of leading cyber nations in cyber warfare and security, legal aspects of cyber warfare, industrial perspective...
EDSC 2014(Seattle, Washington, USA, November 20 - 21, 2014) EDSC is a security conference focusing on embedded systems, hardware, and anything behind the silicon curtain. Embedded testing is a rapidly expanding area of the security industry staying current is important...
Cyber Security World Conference 2014(New York, New York, USA, November 21, 2014) Welcome to Cyber Security World Conference 2014 where renowned information security authorities and innovative service providers will bring their latest thinking to hundreds of senior executives focused...
Ethiopia Banking and ICT Summit(Addis Ababa, Ethiopia, November 21, 2014) The one day summit is designed to highlight the key Investment opportunities especially in the Banking & ICT Sectors. As an emerging economic capital for the region, Ethiopia is leading the way in industrial...
BSidesVienna(Vienna, Austria, November 22, 2014) BSidesVienna will open its doors again in 2014. Be part of it and stay tuned
BSidesToronto(Toronto, Ontario, Canada, November 22, 2014) This year the conference is bigger, better, faster and…well, still one day in length but, we have an awesome line up. And no I'm not just paying "lip service"
DefCamp5(Bucharest, Romania, November 25 - 29, 2014) DefCamp is the most important conference on Hacking & Information Security in Central Eastern Europe. The goal is bringing hands-on talks about latest research and practices from the INFOSEC field, gathering...