Opsec discipline seems to be paying off for ISIS: credit Abu Bakr al-Baghdadi's continued survival to ISIS C2's evasion of communications surveillance.
Australia braces for a wave of hacktivism (and cyber espionage masked thereby) as the G20 convene in Brisbane this weekend. (Anonymous promises to "hijack" the expropriators' hashtags and show the world what for. The threat's unusually puerile (and puellile) even for Anonymous — propaganda of the deed on the level of Spanky and Our Gang's cry, "Let's put on a show!") In any case, Anonymous aside, there are serious threats, and the Australian Signals Directorate is offering tips on how to parry them.
Presidential handshakes have a small positive effect on cyber relations between the US and China. The US National Oceanic and Atmospheric Administration (NOAA) attributes its recent hack to China, and an apparent Chinese patriotic hacker defaces US Department of Transportation sites. Policy wonks talk a lot of Clausewitz as they look at Sino-American relations in cyberspace. Drawing a line between cyber warfare and espionage seems particularly difficult.
UK-based bank HSBC suffers a data breach originating in Turkey that affects 2.7M customers. Other threats to the financial sector circulate: the Dridex Trojan is still out there, and low-tech crooks show how easy it is to milk an ATM.
In industry news, Microsoft asks more cooperation of AV vendors, suggesting they "remember who the enemy is." Shared threat intelligence and collaborative response to attacks are seen as particularly valuable.
Retailers and banks swap shots in their regulatory lobbying war.
Today's issue includes events affecting Australia, China, Denmark, European Union, India, Iran, Russia, Syria, Turkey, Ukraine, United Kingdom, United States.
Australia braces for G20 cyber attacks(Fox News) Australian defense officials are preparing for what could be a barrage of possible cyber attacks during the G20 leaders' summit this Saturday and Sunday in Brisbane
G20 Cyber Security Advice(Australian Signals Directorate) Targeting of high profile events such as the G20 by state-sponsored or other foreign adversaries, cyber criminals and issue-motivated groups is a real and persistent threat. The information contained on government systems, whether classified or unclassified, is of strategic interest to cyber adversaries. Information gathered through cyber espionage can be used to gain an economic, diplomatic or political advantage
Tracking Activity in the Chinese Mobile Underground(TrendLabs Security Intelligence Blog) We first lifted the veil on activities in the Chinese cybercriminal underground in 2012. Since then, we have continually reported about notable changes or activity found in this black market
HSBC loses 2.7mn users' data in Turkey cyber attack(Gulf Times) HSBC Holdings' Turkish unit said it lost 2.7mn customers' bank data in a cyber-attack. The hack resulted in the theft of data on cards and related bank accounts, Europe's biggest lender said in an e-mailed statement. No other information was stolen, and the breach shouldn't result in financial risk for customers, London-based HSBC said
BASHLITE Affects Devices Running on BusyBox(TrendLabs Security Intelligence Blog) When news of the Shellshock vulnerability broke out at the end of September, we spotted several attacks that leveraged the said vulnerability, thus manifesting the prevalence or even evolution on how attackers used the exploit. For instance, attackers used Shellshock to target SMTP servers, launch botnet attacks, and even to download KAITEN source code among others
SChannel Update and Experimental Vulnerability Scanner (MS14-066)(Internet Storm Center) Just a quick update on the SChannel problem (MS14-066, CVE-2014-6321). So far, there is still no public available exploit for the vulnerability, and details are still sparse. But apparently, there is some progress in developing a working exploit. For example, this tweet by Dave Aitel
New Twist to the Telephone Tech Support Scam(FBI Cyber Division IC3) The IC3 has produced Scam Alerts in the past advising the public of an ongoing telephone scam in which callers purport to be an employee of a major software company. The callers have strong foreign accents. The callers report the user's computer is sending error messages and numerous viruses have been detected. The caller convinces the user to give them permission to run a program allowing the caller to gain remote access. The caller advises the virus can be removed for a fee
Network Hijackers Exploit Technical Loophole(KrebsOnSecurity) Spammers have been working methodically to hijack large chunks of Internet real estate by exploiting a technical and bureaucratic loophole in the way that various regions of the globe keep track of the world's Internet address ranges
Two Dudes Prove How Easy It Is to Hack ATMs for Free Cash(Wired) When a small-time Tennessee restaurateur named Khaled Abdel Fattah was running short of cash he went to an ATM machine. Actually, according to federal prosecutors, he went to a lot of them. Over 18 months, he visited a slew of small kiosk ATMs around Nashville and withdrew a total of more than $400,000 in 20-dollar bills. The only problem: It wasn't his money
Under Attack: Your Bank, Your Grid, Yourself(Bloomberg View) Years ago hackers planted malicious software on computer systems that control parts of the United States' critical infrastructure, including pieces of the electrical grid, gas and water systems. The malware, which the Department of Homeland Security warned about only last month, was dubbed BlackEnergy and traced back to the Russian government
A Recap of the JP Morgan Breach(Webroot Threat Blog) There is a clear trend that every year there are bigger targets compromised with increased frequency with more personal data being collected. The recent attack on JP Morgan Chase is especially alarming considering they are the largest US bank and hackers had gained access to numerous servers with administrative access for nearly a month before being detected
Security Patches, Mitigations, and Software Updates
A Killer Combo: Critical Vulnerability and 'Godmode' Exploitation on CVE-2014-6332(TrendLabs Security Intelligence Blog) Microsoft released 16 security updates during its Patch Tuesday release for November 2014, among which includes CVE-2014-6332, or the Windows OLE Automation Array Remote Code Execution Vulnerability (covered in MS14-064). We would like to bring attention to this particular vulnerability for the following reasons
The future of war: expanding the Clausewitzian spectrum of conflict(Foreign Policy) The Pentagon's principal cyber advisor, Assistant Secretary of Defense Eric Rosenbach, said about cyber operations last month, "The place where I think it will be most helpful to senior policymakers is what I call in 'the space between'. What is the space between? … You have diplomacy, economic sanctions…and then you have military action. In between there's this space, right? In cyber, there are a lot of things that you can do in that space between that can help us accomplish the national interest"
Time To Turn The Tables On Attackers(Dark Reading) As a security industry, we need to arm business with innovative technologies that provide visibility, analysis, and action to prevent inevitable breaches from causing irreparable damage
Gemalto acquires Marquis ID Systems(Nasdaq) Gemalto (Euronext NL0000400653 - GTO), the world leader in digital security, today announces that it has acquired all of the outstanding shares of Marquis ID Systems (MIDS), a primary provider of fully integrated solutions and services for Drivers License and Identification in the United States
Cybersecurity Veteran Takes Helm as Catbird CEO(MarketWatch) With an increased focus on the company's growth plans, Catbird announced today the promotion of David Keasey to CEO. Keasey formerly served as Executive Vice President of Sales and Business Development for Catbird, the leader in security policy automation and enforcement for private clouds and virtual infrastructure
Products, Services, and Solutions
Apple Pay: How Secure Is It?(eSecurity Planet) Apple Pay and other emerging mobile payment methods like Google Wallet possess potential security vulnerabilities, yet they are more secure than credit cards
Windows Phone Sandbox Holds Up at Mobile Pwn2Own(Threatpost) The Mobile Pwn2Own hacking contest ended today as did the PacSec Applied Security Conference in Tokyo with hackers unable to gain complete control over a Windows Phone and the latest version of the Android mobile OS
Check Point Introduces Solution for Fast Detection of Malware(This Day Live) Check Point Software Technologies, a global player in internet solutions, has introduced a new solution that will detect and prevent malware in a system at the fastest possible time. The solution, which tests for zero second protection, beat out major solutions from other solution providers in a recent benchmark testing of malware attacks on corporate networks
Linux Security Distros Compared: Tails vs. Kali vs. Qubes(Lifehacker) If you're interested in security, you've probably already heard of security-focused Linux distros like Tails, Kali, and Qubes. They're really useful for browsing anonymously, penetration testing, and tightening down your system so it's secure from would-be hackers. Here are the strengths and weaknesses of all three
Technologies, Techniques, and Standards
Hacker Wars: Companies Fight Back With Counter-Intelligence(NBC News) One Monday last June, 16 workers logged into their computers at the defense contractor Exelis and found emails from a financial consultant who was advising them on a subsidiary's planned spinoff. The message, sent the day before, offered updates on how the deal would affect their stock options. A spreadsheet was attached, and anyone who clicked on it got a pop-up window with the company logo asking for their user name and password
APT: Don't Give Up On Prevention(InformationWeek) As businesses rely on more complex systems with more tools from different vendors, traditional security measures are becoming increasingly inadequate
How Can Organisations Deal Intelligently with Information Security Breaches?(CSO) Data breaches are happening more frequently, compromising larger volumes of data than ever before. We seem to hear about new data breaches every day. The number of compromised records grows, while organisations are subjected to larger financial penalties, stronger legislative and regulatory scrutiny, and tangible reputational damage. For organisations that suffer a breach, responding in an intelligent and confident manner is critical
Shared Responsibility Examples: Shellshock(Trend Micro: Simply Security) Shellshock (which entails a number of CVE's), is a bug that affects bash, a command line interpreter/shell. This bug was rated a 10/10 by the National Vulnerability Database, meaning that it could have a huge impact and is easily exploitable
Managing and communicating IT security risk: A look inside Booz Allen Hamilton, Part 2(FierceCIO) In yesterday's edition of FierceCIO we published part one of our interview with Booz Allen Hamilton CIO Kevin Winter. Winter discussed the unique reporting relationship in which his boss is the firm's CISO. Today he discusses IT security budgets; communicating IT security to the board; career paths for CISOs; and advice on how to best acquire or develop a CIS
PCRE for malware audits(Internet Storm Center) When auditing a company for their malware defense savvy, you are likely used to be presented with colorful pie charts of all the malware that their Anti-Virus (AV) product of choice "successfully" intercepted. Odds are that your auditee can show statistics for the past five years, and related "trends" of doom and gloom
What We Mean by Maturity Models for Security(Dark Reading) The aim is to assess the current state of security against a backdrop of maturity and capability to translate actions into goals that even non-security people can grasp
Best practices for government agencies to secure IT infrastructure(Help Net Security) Many government agencies, departments, subcontractors, service providers, and organizations that operate IT systems on behalf of the government must ensure protection of their critical infrastructure and ensure data security and continuous systems operation
Christmas: A Real Blend of Security & Online Shopping(ClickSSL Blog) Christmas is coming! Are we enough secured against cyber culprits? If the answer is "NO", then this article will give you an insight of some essential security precautions. It will make your Christmas delight, but in a secure manner. As like previous Christmas seasons, customers will again rush to E-shopping or bricks and mortar stores, there would be a great lump of data and sales
The promise of technology transfer(FCW) Research wranglers at the Department of Homeland Security are rounding up the next herd of federal cybersecurity technologies, to set them free on the commercial range in hopes of establishing hardier breeds of gear and capabilities
Students Face Off at NYU-Poly Cyber Security Week(The Journal) Hackers unite! At CSAW that is. New York University Polytechnic's School of Engineering is hosting eight separate security events this week in the 11th annual Cyber Security Awareness Week Conference (CSAW). Hundreds of college and high school students will converge at the campus starting on Thursday to participate in competitions, keynote talks and other events to help them boost their skills and knowledge in cyber security
'Think Before You Link' promotes student cyber safety(Washington Post) As elementary and secondary students spend more time online, a new free program will roll out Tuesday aimed at giving children, teachers and families the tools to help young digital users safely navigate the Internet
Legislation, Policy, and Regulation
US, China see little progress on cybersecurity(The Hill) The U.S. and China made little if any progress on cybersecurity when President Obama and Chinese President Xi Jinping met at this week's Asia-Pacific Economic Cooperation (APEC) summit in Beijing
Keeping cybersecurity focused on critical infrastructure(EurActiv) There is an uneven landscape when it comes to cybersecurity readiness in Europe, writes Thomas Boué. To build a foundation for cyber protections, the European Union needs to start with the most critical infrastructure, he argues
NSA Surveillance Faces Senate Test(TechCrunch) The United States Senate could vote on the USA FREEDOM Act as soon as next week, pushing the surveillance reform bill ahead this year. That would buck prior conventional wisdom that the Act was not a legislative priority, likely ending up shelved until the next Congress. There is still some fight in this Congress after all
As It Stands, Feinstein Would Vote 'No' on Surveillance Reform(Foreign Policy) In its current form, Sen. Dianne Feinstein, the chairwoman of the Senate Intelligence Committee, would vote against major legislation to reform the National Security Agency's bulk metadata collection program, the California Democrat said Thursday
[Letter from Bankers to Congressional Leaders](ABA) On November 6, 2014, a group of organizations representing elements of the retail industry wrote to you regarding recent breaches of consumer information. Their letter, unfortunately, is inaccurate and misleading, and recommends solutions that leave consumers vulnerable to enhanced risk of data breaches. The undersigned financial services organizations wish to set the record straight
Americans' Cellphones Targeted in Secret U.S. Spy Program(Wall Street Journal) The Justice Department is scooping up data from thousands of mobile phones through devices deployed on airplanes that mimic cellphone towers, a high-tech hunt for criminal suspects that is snagging a large number of innocent Americans
CDT Files Brief in Wyndham Supporting FTC Regulation of Data Security(Center for Democracy and Technology) On Wednesday, November 12th CDT, along with the Electronic Frontier Foundation, filed an amicus brief in the long-running FTC v. Wyndham litigation. Those who have followed the case and our coverage of it may remember that in April 2014, Judge Esther Salas of the Federal District Court of New Jersey ruled in favor of the FTC regarding its ability to regulate data security under the unfairness prong of the FTC Act. However, observing that this ruling involved a novel question of law, Judge Salas allowed Wyndham to appeal her ruling to the Third Circuit. It is in this appeal that we've filed our amicus supporting the FTC
10th Annual Cyber and Information Security Research Conference(Oak Ridge, Tennessee, USA, April 7 - 9, 2015) Cyberspace is fundamental to our national prosperity, as it has become critical to commerce, research, education, and government. Realizing the benefits of this shared environment requires that we are...
Australian Cyber Security Centre Conference(Canberra, Australia, April 22 - 23, 2015) The Australian Cyber Security Centre (ACSC) will be hosting its first cyber security conference in 2015. We are bringing leading cyber security experts from Australia and abroad to share their expertise.
AVAR 2014: The 17th Association of anti-Virus Asia Researchers International Conference: Security Down Under. Topics will include case studies of targeted attacks, real-life attack demonstrations, web-inject attacks/code...
ZeroNights 2014(Moscow, Russia, November 13 - 14, 2014) ZeroNights is an international conference dedicated to the practical side of information security. It will show new attack methods and threats, showcase new possibilities of attack and defense, and suggest...
Cyber Security Awareness Week Conference(New York, New York, USA, November 13 - 15, 2014) Get ready for CSAW: the largest student-run cyber security event in the nation, with a research conference that attracts some of the biggest names in the industry, and a career fair with an impressive...
Ground Zero Summit, India(New Delhi, India, November 13 - 16, 2014) Ground Zero Summit (GOS) 2014 in its second year promises to be Asia's largest Information Security gathering and proposes to be the ultimate platform for showcasing researches and sharing knowledge in...
The Affect of Cybersecurity on Humans(Albuquerque, New Mexico, USA, November 14, 2014) Most people would agree that technology is fascinating and has changed our lives in countless ways. But how is it affecting us as humans and what are the issues surrounding the rapid advance in technology,...
Deepsec 2014(Vienna, Austria, November 18 - 21, 2014) DeepSec is an annual European two-day in-depth conference on computer, network, and application security. This is a non-product, non-vendor-biased conference event. Our aim is to present the best research...
BugCON(Mexico City, Mexico, November 19, 2014) BugCON Security Conference is a hardcore technical conference focused on the technical side of the security. Running since 2008 BugCON is the oldest forum where researchers, students and professionals shows...
Navy Now Forum: Admiral Rogers(Washington, DC, USA, November 19, 2014) Leaders from the Navy will present new initiatives in-depth, providing the audience with a thorough knowledge of the Navy's future plans. During the luncheon, military personnel and industry leadership...
International Cyber Warfare and Security Conference(Ankara, Turkey, November 19 - 20, 2014) In-depth discussions will cover: new emerging threats and challenges on cyber warfare, the policy of leading cyber nations in cyber warfare and security, legal aspects of cyber warfare, industrial perspective...
EDSC 2014(Seattle, Washington, USA, November 20 - 21, 2014) EDSC is a security conference focusing on embedded systems, hardware, and anything behind the silicon curtain. Embedded testing is a rapidly expanding area of the security industry staying current is important...
Cyber Security World Conference 2014(New York, New York, USA, November 21, 2014) Welcome to Cyber Security World Conference 2014 where renowned information security authorities and innovative service providers will bring their latest thinking to hundreds of senior executives focused...
Ethiopia Banking and ICT Summit(Addis Ababa, Ethiopia, November 21, 2014) The one day summit is designed to highlight the key Investment opportunities especially in the Banking & ICT Sectors. As an emerging economic capital for the region, Ethiopia is leading the way in industrial...
BSidesVienna(Vienna, Austria, November 22, 2014) BSidesVienna will open its doors again in 2014. Be part of it and stay tuned
BSidesToronto(Toronto, Ontario, Canada, November 22, 2014) This year the conference is bigger, better, faster and…well, still one day in length but, we have an awesome line up. And no I'm not just paying "lip service"
DefCamp5(Bucharest, Romania, November 25 - 29, 2014) DefCamp is the most important conference on Hacking & Information Security in Central Eastern Europe. The goal is bringing hands-on talks about latest research and practices from the INFOSEC field, gathering...
Healthcare Cyber Security Summit 2014(San Francisco, California, USA, December 3 - 10, 2014) SANS is teaming up with the National Health Information Sharing & Analysis Center (NH-ISAC) to offer the 2nd Annual Healthcare Cyber Security Summit
SINET 16(Washington, DC, USA, December 3 - 4, 2014) Innovative solutions frequently come from new and emerging companies. Each year, SINET invites sixteen innovative Cybersecurity companies to present their technology solutions to a select audience of prominent...
SINET Showcase: "Highlighting and Advancing Innovation." Showcase provides a platform to identify and highlight "best-of-class" security companies that are addressing industry and government's most pressing needs and...
Tax Incentives for Cybersecurity Businesses(Elkridge, Maryland, USA, December 9, 2014) Learn the details and take the opportunity to ask questions of leading experts on how to apply for tax credits (including cyber, research, security clearance, and secured space tax credits) and get the...
(ISC)² Security Congress EMEA(London, England, UK, December 8 - 10, 2014) Building on the experience of the US-based (ISC)² Security Congress, now in its fourth year, (ISC)² Security Congress EMEA will offer a complementary and unique opportunity within the Europe...
ACSAC 30: Annual Computer Security Applications Conference(New Orleans, Louisiana, USA, December 8 - 12, 2014) ACSAC is more than just high quality, peer-reviewed research (though our 2013 acceptance rate was barely 19%). Our comprehensive program also includes training, case studies, panels, workshops, posters,...
ICFPT 2014(Shanghai, China, December 10 - 12, 2014) ICFPT is the premier conference in the Asia-Pacific region on field-programmable technologies including reconfigurable computing devices and systems containing such components. Field-programmable devices...