SoundCloud, touted as the world's largest streaming music service, has been thoroughly "infested" by jihadists "of all stripes," reports Homeland Security Today. The infestation serves information operations, recruiting, and, possibly, physical command and control.
Anonymous has promised an operation against Israel for this Friday. Other Anonymous cells hit Philippine government websites to protest "incompetence." This week's G20 meetings in Brisbane are expected to attract the usual hacktivist attention.
Mandiant's founder charges the Russian government with conniving at criminal attacks on Western banks and retailers. His (unsurprising) allegation comes as investigators continue to unravel BlackEnergy's longstanding presence — since 2011 — in US infrastructure networks.
Russian domestic Internet traffic seems to be passing through a large number of Chinese servers, and realization that this is so has raised the eyebrows of Russian security officers.
The US is investigating an apparent Chinese cyber operation against the US Postal Service.
Cyber rioting continues in the Subcontinent, as Pakistani hackers deface Indian websites. Some attacks seem to have hit the wrong target, as the US State of Indiana's Education Department is defaced twice by hacktivists under the impression that Indiana and India are much the same. (In fairness, we suppose, anyone could make such a mistake, and similar things have happened before. Ask NASA, one easily dropped letter away from NSA.)
Malaysia's government may have targeted a specialized US-based news organization.
A potential buyer may be sniffing at AVG Technologies. Market analysts dissect publicly traded cyber companies.
Tor wonders how cops "decloaked" the darkweb.
Today's issue includes events affecting Australia, Brazil, Canada, China, Estonia, European Union, Germany, India, Ireland, Israel, Japan, Republic of Korea, Latvia, Lithuania, Malaysia, NATO, New Zealand, Pakistan, Palestinian Territories, Philippines, Russia, Singapore, United Kingdom, United Nations, United States.
The CyberWire will observe Veterans' Day tomorrow by taking a break from publication. We'll be back as usual on Wednesday. We invite you to join us tomorrow in sparing a thought for veterans and their families. Also, we invite you to take a look at the CyberWire glossary, which you can find in the main menu on our website. You're a diverse audience, ranging from cyber experts to newcomers (with executives, students, etc. in the mix) and we hope you'll find something of useful interest there. Feel free to suggest new entries.
Cyber Attacks, Threats, and Vulnerabilities
Jihadists Have Infested World's Second Biggest Streaming Music Service(HS Today) As a prelude to a major comprehensive report on the history of online jihad by Al Qaeda in Afghanistan to the Islamic State in Iraq and Syria to be released next week by the Middle East Media Research Institute (MEMRI) Jihad and Terrorism Threat Monitor, MEMRI Executive Director Steven Stalinsky made available to Homeland Security Today his new report on how jihadists of all stripes have infested SoundCloud, a Berlin-based social networking platform created in 2007 that allows users to upload and share audio content for free
Brisbane — Give Me a Cyber Target Anyday(Sam Volkering's TechInsider) 'Give me Brisbane Anyday.' That's the official slogan for Brisbane. I'm sure it took a room full of people with skinny jeans, jeggings, checkered shirts, beards and spectacles a whole week to come up with that
BlackEnergy Malware Inside Critical US Infrastructure Since 2011(VPN Creative) This week, researchers at Kaspersky Labs released their latest report on the infamous BlackEnergy malware, claiming that Russian hackers have been using the program to infiltrate vital pieces of the US energy infrastructure including power plants, hydroelectric dams, and manufacturers of equipment destined for nuclear-powered facilities
BlackEnergy threatens U.S. infrastructure(GSN) Investigators have discovered a potential cyber security threat to the U.S. critical infrastructure. BlackEnergy is a trojan horse discovered within the software that controls oil and gas pipelines, water systems, and power transmission grids in the U.S. Using Black Energy, hackers could have the ability to use the internet to shut down pipelines, nuclear power plants, wind turbines, and water treatment plants
Russia is behind cyber attack on banks, says Kevin Mandia(Australian Financial Review) Russian President Vladimir Putin's government is actively "condoning" hacks on Western retail and banking businesses, according to the founder of one of the world's leading cyber security firms ahead of the G20 summit in Brisbane and a meeting between Prime Minister Tony Abbott and the Russian leader at the APEC summit in Beijing
Pakistani Hacker Hacks Consulate General of India in Guangzhou, China(HackRead) The never ending cyber war between India and Pakistan has taken new heights where hackers from both sides are targeting high profile government owned websites, but a Pakistani hacker yesterday hacked the official website of Consulate General of India in Guangzhou, China
Indiana ed department site hit with second cyber attack(Education Dive) Hackers have infiltrated the Indiana Department of Education's website for the second time this week. This time around, a message was left on the site that read, "SUPRISED (sic) WE ARE HERE AGAIAN (sic)??? THE LAST TIME THIS SITE WAS DOWN NO PATCH WAS DONE." After the site went down the first time, the department claimed it was working to create a patch that would stop future hackers — but that clearly wasn't successful
Darkhotel APT Group Targeting Top Executives in Long-Term Campaign(Threatpost) APT groups tend to be grouped together in a large amorphous blob of sinister intentions and similar targets, but not all APT crews are created equal. Researchers have identified a group that's been operating in Asia for at least seven years and has been using hotel networks as key infection points to target top executives at companies in manufacturing, defense, investment capital, private equity, automotive and other industries
MD5 Hash Broken via Collision Attack of Less Than $1(Hot for Security) The MD5 hash collision attack that hijacked the Windows Update system back in 2012 was replicated with just 65 US cents worth of cloud computing fees, according to Nathaniel McHugh's blog post
Zubie: This Car Safety Tool 'Could Have Given Hackers Control Of Your Vehicle'(Forbes) Over the last year, researchers have been guessing at ways hackers might compromise cars from afar. Now, alumni of Israel's cyber intelligence division, Unit 8200, have discovered that an innocuous American in-vehicle technology could have been exploited to remotely mess with the brakes, steering and engine. It's the first example of such a cyber attack on a specific in-car "dongle". And it may prove to be a watershed moment in the history of vehicular security
Bulletin (SB14-314) Vulnerability Summary for the Week of November 3, 2014(US-CERT) The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information
Security Patches, Mitigations, and Software Updates
Business braces for heavy Patch Tuesday(ComputerWeekly) IT administrators face a busy month at server, desktop and application level as Microsoft plans to release a bumper security update on 11 November 2014
Alert (TA14-310A) Microsoft Ending Support for Windows Server 2003 Operating System(US-CERT) Microsoft is ending support for the Windows Server 2003 operating system on July 14, 2015. After this date, this product will no longer receive: security patches that help protect PCs from harmful viruses, spyware, and other malicious software, assisted technical support from Microsoft, software and content updates
Securing an Internet Made from 'Duck Tape and Baling Wire'(Threatpost) The Internet that we use today was not designed as a cohesive network. It was put together from found bits and pieces over the course of the last few decades, and, as major bugs such as Heartbleed and others have shown, it's a frighteningly fragile construction
Data Breaches: Almost Like Clockwork(Trend Micro CTO Insights) Last year, as part of our predictions for 2014 we said there would be one major data breach every month. At the time, many people said that our prediction was overly pessimistic. It was one prediction I would have been happy to have gotten wrong
Keeping cybersecurity focused on critical infrastructure(Euractiv) There is an uneven landscape when it comes to cybersecurity readiness in Europe, writes Thomas Eboué. To build a foundation for cyber protections, the European Union needs to start with the most critical infrastructure, he argues
Health-Care Industry Starts to Pay Attention to Cyber Risks(Wall Street Journal) The health-care industry is grappling with how to protect personal health information from increasing cyber threats. In addition to meeting security and privacy regulations, companies can do more to prevent breaches by assessing and prioritizing cybersecurity risks, said Jim Routh, chief information security officer at health insurer Aetna Inc. The message has already caught on at some health-care companies, who are starting to look for technology executives with risk experience
IBM: What's up with the sick man of the Dow?(CNBC Trader Talk) It's downright pathetic. IBM has gone from a monster after the Financial Crisis (it doubled in a couple years) to a loser, down 14 percent this year. True, it hasn't done much in the last two years, but it has simply collapsed since its disappointing earnings report a few weeks ago
Norse Selected as Finalist for the 2014 Red Herring 100 Global Award(Virtual Strategy) Norse, the leader in live cyber attack intelligence, today announced that it has been selected as a candidate for the Red Herring 2014 Top 100 Global award. The award recognizes and honors the year's most audacious and far-reaching private technology companies and entrepreneurs from around the world
With APAC under threat, Fortinet expands India operations(Times of India) Silicon Valley headquartered network security provider Fortinet is scaling up its India operations, effecting a 56% increase in the technical workforce, as the Asia Pacific (APAC) region is turning out to be a hotbed for cyber attacks
Gemalto deploys secure online banking solution in Indonesia(Newsmaker) Gemalto (Euronext NL0000400653), the world leader in digital security, announces that its complete strong authentication solution has been selected by PT Bank Muamalat Indonesia Tbk (BMI) to enhance the security of their internet banking platform
Symantec brings the Cyber Readiness Challenge to Mumbai(DNA India) Cyber attacks are rising worldwide and the corporations are lagging behind when it comes to defending themselves, Symantec hence has created a unique Cyber Readiness Challenge where networks are simulated and attacked to see how vulnerable companies actually are, allowing them to build solutions for these problems before they are exploited
Microsoft continuously attempts to hack Office 365 to make it safer for commercial use(WinBeta) You may not realize it, but there is a lot of money that can be made from selling your online identity to those who are up to no good. This makes it a great opportunity for hackers to make enough money to pay their electricity bills. This year alone, 5 million Gmail passwords were stolen, 7 million from Dropbox and 2 million from Facebook, and we can only guess how many other thefts went undetected
LockPath Receives U.S. Patent(MarketWired) LockPath, a leader in innovative governance, risk management, regulatory compliance (GRC) and information security (InfoSec) solutions, announced today its receipt of a newly issued patent relating to its Keylight™ platform
Removing Wirelurker from Your iOS or OSX Device(TrendLabs Simply Security) In an earlier blog post, we tackled what Wirelurker malware is and its security implications and risks for iOS and OSX devices. Within hours of the discovery of this malware, a Windows-based malware (detected as TROJ_WIRELURK.A) that performs the same attack was also seen in the wild. In this blog post, we'd like to share practices and recommendations for users and enterprises in order to secure their devices from this threat
Expanding Use of PKI in Variety of Devices Holds Challenges(Threatpost) One of the longest running jokes in the security industry is that each coming year finally will be The Year of PKI. While that one huge year never materialized, the use of PKI and digital certificates has become an integral part of how the Internet works today. But there are some challenges on the horizon that will need some innovative solutions
What to look for in Web application firewall products(TechTarget) Attackers are increasingly seeking unauthorized access to sensitive corporate data so they can use this information to commit identity theft, financial fraud and other crimes. Because so much of this sensitive data is in back-end databases accessible through Web applications, attackers frequently target these applications to gain access to their associated data
10 ways to recharge cybersecurity ops centers(GCN) The deck is stacked against defenders of government networks, at least those who join the battle from one of a growing number of cybersecurity operations centers (CSOCs), designed to concentrate as much technology and expertise as possible in the 24/7 effort to protect the public and its institutions
Overcoming Big Data security obstacles(Help Net Security) When it comes to security, Big Data can be the cause of many obstacles. As Big Data often contains enormous quantities of personally identifiable information, privacy becomes a very real and primary concern
Big Data: Cyber Security's Silver Bullet? Intel Makes the Case(Forbes) Every new exploit seems to unleash a flood of announcements touting niche products that allegedly saved their customers from the same sorry fate. In the security business, Monday morning quarterbacking is the norm. Yet many business and IT leaders sense that something's missing from the products security hucksters have been pitching for years
Swedish Researchers Report Record Wireless Data Transmission Rate(IEEE Spectrum) 4K (or ultra high definition) television technology requires high-speed TV cameras that produce data streams of 12 to 20 gigabytes per second. Such data rates can only be transmitted from the cameras by optical fiber links. In live reporting of sporting events such as soccer games — often requiring slow motion instant replay — these optical cables have to be dug in under the grass, severely limiting the mobility of the cameramen. Up to now, there have been no wireless links capable of handling these torrents of data
NATO Hews To Strategic Ambiguity On Cyber Deterrence(Breaking Defense) NATO is now taking cyber threats as seriously as the Russian tanks and nuclear weapons it was created to deter. But the alliance has a long way to go just to shore up its own network defenses, and it explicitly eschews any role on the offense. NATO has not even written a formal policy on how it would deter a cyber attack. The net result is a certain degree of strategic ambiguity — but then NATO has survived and even thrived on ambiguity for decades
Germany, Brazil Push the UN to Be Tougher on Cyber-Spying(NDTV) Germany and Brazil are pushing the United Nations to be tougher on spying by beefing up an earlier U.N. resolution raising concerns that mass surveillance, interception of digital communications and personal data collection could harm human rights
Regional security — common interest of Germany and Baltic States(Baltic Course) President of Lithuania Dalia Grybauskaite met with the President of the Federal Republic of Germany, Joachim Gauck. Taking part in the meeting on the eve of the 25th anniversary of the fall of the Berlin Wall were also Latvian President Andris Berzins and Estonian President Toomas Hendrik Ilves. The presidents discussed the security situation in the region and ways to counter newly emerging threats, reports BC press service of Lithuanian president
Cyberspace: Democrats jeopardize lives of Americans for political motives(Examiner) Besides the thrashing Democrats experienced at the voting booths on Tuesday, the Sunday morning news shows addressed a number of issues that needed attention by the new Senate and Congress in January. For example, on ABC's "This Week," the Democrat from Rhode Island, Rep. Jim Langevin, said that there is a very real risk that unfriendly nations, such as Russia and China, or Muslim terrorists with the technical know-how could launch cyber attacks against critical U.S. infrastructure such as the nation's power grid
Net Neutrality: President Obama's Plan for a Free and Open Internet(The White House) More than any other invention of our time, the Internet has unlocked possibilities we could just barely imagine a generation ago. And here's a big reason we've seen such incredible growth and innovation: Most Internet providers have treated Internet traffic equally
DoD Advances Information Technology to Lower Costs(DoD News) The Defense Department is pushing forward on information technology such as cloud computing, smartphones and apps, the Joint Information Environment, and data access to improve the mission and reduce costs, the Pentagon's acting chief information officer said yesterday
Obama's Attorney General Pick Will Be Stranger to National Security Law(Foreign Policy) President Obama's reported choice to replace Eric Holder as attorney general, U.S. attorney for the Eastern District of New York Loretta Lynch, has vast experience as a prosecutor and, from a survey of articles written about her in the past, is well respected by her peers. But a review of her background reveals that she has little to no experience dealing with the legal issues surrounding national security that dominated Holder's time as the nation's top law enforcement official
Thoughts and Concerns about Operation Onymous(Tor Project) Recently it was announced that a coalition of government agencies took control of many Tor hidden services. We were as surprised as most of you. Unfortunately, we have very little information about how this was accomplished, but we do have some thoughts which we want to share
The FBI Impersonates the Media: Some of the Rules Governing Cyber-Subterfuge(Lawfare) The developing story of the FBI's impersonation of journalists is, in a way, really the story of Timberline high school in Washington State. In June of 2007 Timberline had received a series of bomb threats, prompting a week of evacuations. The FBI and local law enforcement traced the problem to an anonymous account on the MySpace social media site. But the trail seemed to stop there, as investigators were unable to ascertain the identity of the person or persons behind the account
Finjan Sues Palo Alto Networks for Patent Infringement(Recorder) Finjan Inc., a cybersecurity patent licensing company, has been a busy litigant in the Northern District of California. In the past two years, Finjan has wielded its patents related to computer network security against Symantec Corp., Fireeye Inc., Blue Coat Systems Inc., Sophos Inc., Websense Inc., and Proofpoint Inc. On Tuesday Palo Alto Networks became the latest Silicon Valley cybersecurity firm to face patent infringement claims from the NPE
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Israel HLS 2014(Tel Aviv, Israel, November 9 - 12, 2014) The third International Conference on Homeland Security will bring together government officials, public authorities, and HLS industry leaders from around the world to share their knowledge and experience.
i-Society 2014(London, England, UK, November 10 - 12, 2014) i-Society 2014 is a global knowledge-enriched collaborative effort that has its roots from both academia and industry. The conference covers a wide spectrum of topics that relate to information society,...
Seattle SecureWorld(Seattle, Washington, USA, November 12 - 13, 2014) Offering two days of cyber security education. Earn 12-16 CPE credits, network with industry peers, and take advantage of more than sixty educational events. Over the past decade SecureWorld has emerged...
THREADS Conference 2014(Brooklyn, New York, USA, November 13, 2014) A 2-day conference exploring state-of-the-art advances in security automation. We will present new research and innovations on integrating security into modern software development and operations, focusing...
ZeroNights 2014(Moscow, Russia, November 13 - 14, 2014) ZeroNights is an international conference dedicated to the practical side of information security. It will show new attack methods and threats, showcase new possibilities of attack and defense, and suggest...
Cyber Security Awareness Week Conference(New York, New York, USA, November 13 - 15, 2014) Get ready for CSAW: the largest student-run cyber security event in the nation, with a research conference that attracts some of the biggest names in the industry, and a career fair with an impressive...
Ground Zero Summit, India(New Delhi, India, November 13 - 16, 2014) Ground Zero Summit (GOS) 2014 in its second year promises to be Asia's largest Information Security gathering and proposes to be the ultimate platform for showcasing researches and sharing knowledge in...
The affect of cybersecurity on humans(Albuquerque, New Mexico, USA, November 14, 2014) Most people would agree that technology is fascinating and has changed our lives in countless ways. But how is it affecting us as humans and what are the issues surrounding the rapid advance in technology,...
Deepsec 2014(Vienna, Austria, November 18 - 21, 2014) DeepSec is an annual European two-day in-depth conference on computer, network, and application security. This is a non-product, non-vendor-biased conference event. Our aim is to present the best research...
BugCON(Mexico City, Mexico, November 19, 2014) BugCON Security Conference is a hardcore technical conference focused on the technical side of the security. Running since 2008 BugCON is the oldest forum where researchers, students and professionals show...
Navy Now Forum(Washington, DC, USA, November 19, 2014) Leaders from the Navy will present new initiatives in-depth, providing the audience with a thorough knowledge of the Navy's future plans. During the luncheon, military personnel and industry leadership...