ISIS murders, done for the benefit of the camera and widely disseminated online, may be the cruelest mode of information operations going. They may also be provoking a long-delayed backlash.
Ukraine's biometric passports were produced by a company with apparently deep connections to Russian oligarchs, and that company probably has access to Ukrainians' personally identifying information. (A Radio Liberty reporter cheekily tweets a request for comment at Mr. Snowden.)
The US State Department's email is back up, amid unofficial notice that "incidents of concern" look like Russian cyber espionage, and amid widespread journalistic eyebrow-raising over the state of .gov cyber security.
Brian Krebs maps the Russian organized cyber crime landscape.
Germany's BfV chief warns that his country is actively targeted in cyberspace by state (especially Chinese and Russian) security services.
Cisco researchers dissect some recent steganographic cloaking of malware. Seculert finds increasingly sophisticated domain-generation algorithms, and Lookout warns that mobile botnets are growing more resilient. Blue Coat points out encryption's downside: "visibility voids." Bromium looks at crypto-ransomware.
Holiday shopping is upon us, and observers expect a rising tide of retail cyber crime. Cyactive points out new variants of Backoff point-of-sale malware. TrendLabs looks at point-of-sale scammers' toolkits.
Yesterday Microsoft issued a critical out-of-band patch of a Kerberos privilege escalation vulnerability.
Boeing may be shopping some of its cyber units.
Tor convinces many that de-anonymization is harder than researchers made it seem.
The Council on Foreign Relations sees declaring zero-day policy (note — declaration of policy, not zero-days themselves) as a confidence-builder.
Today's issue includes events affecting China, Germany, India, Indonesia, Iraq, New Zealand, Russia, South Africa, Sweden, Syria, Ukraine, United Kingdom, United States, and Vietnam.
Firm that works with Gazprom and Rosneft cleared to produce Ukrainians' biometric passports(UAINFO) The issuing of biometric passports for Ukrainians will be handled by a Russian firm that works with Gazprom, Rosneft and the Federal Customs Service of the Russian Federation. A foreign firm thereby gains access to a database of millions of Ukrainian citizens. On his Facebook page, Sergei Gaidai draws the attention of journalists, producers and editors of television groups, and other media looking for socially significant and high-profile topics for investigation, to the firm that will handle the production of biometric passports
Auditors: State Department has history of poor cybersecurity(Politico) The State Department, which shut down its unclassified email system and cut off Internet access over the weekend to deal with a suspected online attack, has a history of weak cybersecurity, and it grew worse over the last four years, according to auditors
The Spam Wars(Slate) The Russian cybercrooks behind the digital threats in your inbox
Reversing Multilayer .NET Malware(Cisco Blogs) Recently, we came across a malware sample that has been traversing the Internet disguised as an image of a woman. The malware sample uses several layers of obfuscation to hide its payload, including the use of steganography
A Peek Inside a PoS Scammer's Toolbox(TrendLabs Security Intelligence Blog) PoS malware has been receiving a tremendous amount of attention in the past two years with high profile incidents like Target, Home Depot, and Kmart. With the massive "Black Friday" shopping season coming up, PoS malware will surely get additional publicity. This high profile nature means, we constantly look for evolving PoS malware and look into their behavior patterns to better protect our customers and users
Stuxnet: Victims Zero(Kaspersky Lab Daily) The story of the Stuxnet worm made a lot of headlines a year ago and gave information security folks chills. Who created it, and why, is still a mystery. However, rumor has it that American and Israeli Intelligence wanted to use it to sabotage the Iranian nuclear program. The story is very feasible as malware indeed made the uranium enrichment centrifuges inoperable, throwing the Iranian nuclear program years behind
Hacker Lexicon: What Is the Dark Web?(Wired) With the rise and fall of the Silk Road — and then its rise again and fall again — the last couple of years have cast new light on the Dark Web. But when a news organization as reputable as 60 Minutes describes the Dark Web as "a vast, secret, cyber underworld" that accounts for "90% of the Internet," it's time for a refresher
Microsoft Security Bulletin MS14-068 — Critical: Vulnerability in Kerberos Could Allow Elevation of Privilege (3011780)(Microsoft Security TechCenter) This security update resolves a privately reported vulnerability in Microsoft Windows Kerberos KDC that could allow an attacker to elevate unprivileged domain user account privileges to those of the domain administrator account. An attacker could use these elevated privileges to compromise any computer in the domain, including domain controllers. An attacker must have valid domain credentials to exploit this vulnerability. The affected component is available remotely to users who have standard user accounts with domain credentials; this is not the case for users with local account credentials only. When this security bulletin was issued, Microsoft was aware of limited, targeted attacks that attempt to exploit this vulnerability
Stable Channel Update(Chrome Releases) The Chrome team is delighted to announce the promotion of Chrome 39 to the stable channel for Windows, Mac and Linux. Chrome 39.0.2171.65 contains a number of fixes and improvements, including
Expect More Data Breaches In Stores This Season, Experts Say(International Business Times) Nearly a year after Target Corp.'s massive and costly data breach, the company is expected Wednesday to finally show an uptick in store traffic. But as Target tries to get past 2013's hacking while heading into the all-important holiday shopping season, analysts warn that cybercrime is heating up and that some retailers will inevitably fall victim to breaches of payment data
Cyber criminals to eye high-value targets: Trend Micro(The Hindu) Here's some good news. Prices of malicious wares in the cyber underground have drastically come down. The average price of credit card credentials has reduced to $1 from $3 in 2014, Facebook credentials to $100 from $200 and that of Gmail credentials to $100 from $217. This, experts say, is because of the tremendous increase in supply. This happiness, however, is short lived. Cybercriminals will set their sights on bigger targets rather than on individuals, as this translates to bigger gains
One billion attacks were blocked during the third quarter(Help Net Security) Over a billion malicious attacks were detected and blocked during the third quarter, according to Kaspersky Lab. One third of Web attacks were carried out using malicious Web resources hosted in the United States
Hackers attacked the U.S. energy grid 79 times this year(CNN Money) In fiscal year 2014, there were 79 hacking incidents at energy companies that were investigated by the Computer Emergency Readiness Team, a division of the Department of Homeland Security. There were 145 incidents the previous year
One-in-four have been victims of identity theft(Help Net Security) Identity theft has ranked as the top concern amongst consumers questioned about their digital lifestyles, according to Centrify. The survey of 1,000 UK consumers, reveals that 81% of respondents cited that they were concerned, or very concerned about the prospect of having their identity stolen
Cyber acquisition vexes industry, government(Washington Technology) Emerging technologies that help increase cybersecurity for the United States are hard to buy since these technologies change so quickly, says the head of the U.S. Army Cyber Command
Boeing eyes revamp of cyber business to focus on key areas(Reuters) Boeing Co said this week it is reevaluating its cybersecurity business and could divest or reassign some units as it focuses more on a few critical areas, including classified work it is doing for some U.S. government agencies
Garnero Group Acquisition Company and WISeKey SA Announce Updated Terms for Combination(PRNewswire) Garnero Group Acquisition Company ("GGAC") (NASDAQ: GGACU, GGAC, GGACR, GGACW), a blank check company, and WISeKey SA ("WISeKey"), a global provider of cyber security solutions, announced today that holders of approximately 93.4% of WISeKey's fully diluted common shares have accepted GGAC's offer to exchange their WISeKey shares for GGAC ordinary shares in connection with the previously announced transaction between GGAC and WISeKey
Cybercom provides digital signature services to Swedish Tax Agency(BusinessWire) The Swedish Tax Agency has chosen Cybercom (STO:CYBE) as its supplier of digital signature services. The agreement runs for two years, with an option for an additional two years. The value of the contract is estimated to be SEK 30 million for the first two years
MacAulay-Brown, Inc. Named to Department of Homeland Security EAGLE II Contract(Globe NewsWire) MacAulay-Brown, Inc. (MacB), a leading National Security company delivering advanced engineering services and product solutions to Defense, Intelligence, Special Operations Forces, Homeland Security and Federal agencies, announced today that it has been awarded a multiple award Indefinite-delivery/Indefinite-quantity (IDIQ) contract by the Department of Homeland Security (DHS)
Haystax appoints General Peter Pace as board chairman(GSN) McLean, VA-based Haystax Technology, a provider of advanced analytics and cybersecurity solutions, has announced that retired U.S. Marine General Peter Pace has been named chairman of the company's board of directors
LockPath and iSIGHT Partners Bring Real Time Cyber Intelligence to Keylight Customers(Marketwired) LockPath, a leader in innovative governance, risk, compliance (GRC) and information security (InfoSec) solutions, today announced a new integration between LockPath's Keylight™ platform and iSIGHT Partners ThreatScape® advanced cyber threat intelligence. The collaboration aligns joint customers' security programs with business risk management goals to proactively defend against new and emerging cyber threats
Deconstructing the Cyber Kill Chain(Dark Reading) As sexy as it is, the Cyber Kill Chain model can actually be detrimental to network security because it reinforces old-school, perimeter-focused, malware-prevention thinking
Stop More than the Usual Suspects(McAfee Blog Central) If signature-based security can't be trusted to catch and avenge zero-day attacks and other emerging malware threats, what will it take to plug the holes in our defenses? Most of us know something about inspection techniques that don't rely on signatures, but what does the whole solution space look like? How do the available technologies relate to each other and to the set of inspection platforms that make up a typical network security environment?
Threat intelligence — the best form of defence?(Computing) Security guru Bruce Schneier was probably not the first person to observe that, whether in the virtual or the physical world, the challenge for defenders is always that much greater than for attackers
5 ways to minimize risk in the cloud(Federal Times) The migration of information to the cloud is largely regarded as a next major step in enabling organizations to work faster, cheaper and more efficiently. According to the Office of Management and Budget, an estimated $20 billion of the federal government's $80 billion in IT spending is a potential target for cloud-based solutions
Hybrid Cloud is the New Normal: 4 Key Security Steps you Need to Get it Right(IBM SecurityIntelligence) As the perimeter of your organization's network becomes less defined, and you read everyday in the media that cyberattackers are becoming more and more advanced, there is a temptation for security teams to limit use of the cloud. However, the advantages of clouds — especially Hybrid clouds that include a mix of privately and publicly hosted IaaS, PaaS and SaaS services — are too compelling to avoid. The good news is that all cloud models can be secured, opening the way for controlled and secure business use
Risk assessment benefits, best practices and pitfalls(Help Net Security) Ryan Ward is CISO at Avatier. In this interview, he talks about the overlooked benefits of risk assessment, offers best practices for performing successful risk assessments, outlines the pre-requisites for becoming a risk assessment professional, and more
Automated coffee roaster heats up Cyber Junkyard 2014(BizCommunity) The annual Siemens Cyber Junkyard competition, sponsored and arranged by Siemens, took place in Johannesburg on 27 October 2014. After a hectic day of interviews, presentations, physical demonstrations and testing of the competition entries, College of Cape Town took first prize in the 2014 competition
Legislation, Policy, and Regulation
Disclosing Policies on Zero-Days as a Confidence-Building Measure(Council on Foreign Relations) Yesterday, Kim Zetter of Wired published an interview with Michael Daniel, special assistant to the president and cybersecurity coordinator, in which Daniel provides more information about the U.S. government's policy on disclosing zero-day vulnerabilities
The State Secrets Senator Mark Udall Should Reveal(Atlantic) Establishment voices believe Udall should wait for the CIA and the Senate to finish their negotiations about what parts of the report ought to be released to the public. Nonsense. The fact that the CIA is a party to negotiations about what parts of a report into its own criminal misconduct will be suppressed is itself an absurdity, and suggests that the CIA already has undue influence over U.S. politics
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Deepsec 2014(Vienna, Austria, November 18 - 21, 2014) DeepSec is an annual European two-day in-depth conference on computer, network, and application security. This is a non-product, non-vendor-biased conference event. Our aim is to present the best research...
BugCON(Mexico City, Mexico, November 19, 2014) BugCON Security Conference is a hardcore technical conference focused on the technical side of security. Running since 2008, BugCON is the oldest forum where researchers, students and professionals show...
Navy Now Forum: Admiral Rogers(Washington, DC, USA, November 19, 2014) Leaders from the Navy will present new initiatives in-depth, providing the audience with a thorough knowledge of the Navy's future plans. During the luncheon, military personnel and industry leadership...
International Cyber Warfare and Security Conference(Ankara, Turkey, November 19 - 20, 2014) In-depth discussions will cover: new emerging threats and challenges on cyber warfare, the policy of leading cyber nations in cyber warfare and security, legal aspects of cyber warfare, industrial perspective...
EDSC 2014(Seattle, Washington, USA, November 20 - 21, 2014) EDSC is a security conference focusing on embedded systems, hardware, and anything behind the silicon curtain. Embedded testing is a rapidly expanding area of the security industry staying current is important...
Cyber Security World Conference 2014(New York, New York, USA, November 21, 2014) Welcome to Cyber Security World Conference 2014 where renowned information security authorities and innovative service providers will bring their latest thinking to hundreds of senior executives focused...
Ethiopia Banking and ICT Summit(Addis Ababa, Ethiopia, November 21, 2014) The one-day summit is designed to highlight the key investment opportunities, especially in the Banking & ICT Sectors. As an emerging economic capital for the region, Ethiopia is leading the way in industrial...
BSidesVienna(Vienna, Austria, November 22, 2014) BSidesVienna will open its doors again in 2014. Be part of it and stay tuned
BSidesToronto(Toronto, Ontario, Canada, November 22, 2014) This year the conference is bigger, better, faster and…well, still one day in length but, we have an awesome line up. And no I'm not just paying "lip service"
DefCamp5(Bucharest, Romania, November 25 - 29, 2014) DefCamp is the most important conference on Hacking & Information Security in Central Eastern Europe. The goal is bringing hands-on talks about latest research and practices from the INFOSEC field, gathering...
Healthcare Cyber Security Summit 2014(San Francisco, California, USA, December 3 - 10, 2014) SANS is teaming up with the National Health Information Sharing & Analysis Center (NH-ISAC) to offer the 2nd Annual Healthcare Cyber Security Summit
SINET 16(Washington, DC, USA, December 3 - 4, 2014) Innovative solutions frequently come from new and emerging companies. Each year, SINET invites sixteen innovative Cybersecurity companies to present their technology solutions to a select audience of prominent...
SINET Showcase(, January 1, 1970) "Highlighting and Advancing Innovation." Showcase provides a platform to identify and highlight "best-of-class" security companies that are addressing industry and government's most pressing needs and...
Tax Incentives for Cybersecurity Businesses(Elkridge, Maryland, USA, December 9, 2014) Learn the details and take the opportunity to ask questions of leading experts on how to apply for tax credits (including cyber, research, security clearance, and secured space tax credits) and get the...
(ISC)² Security Congress EMEA(London, England, UK, December 8 - 10, 2014) Building on the experience of the US-based (ISC)² Security Congress, now in its fourth year, (ISC)² Security Congress EMEA will offer a complementary and unique opportunity within the Europe...
ACSAC 30: Annual Computer Security Applications Conference(New Orleans, Louisiana, USA, December 8 - 12, 2014) ACSAC is more than just high quality, peer-reviewed research (though our 2013 acceptance rate was barely 19%). Our comprehensive program also includes training, case studies, panels, workshops, posters,...
ICFPT 2014(Shanghai, China, December 10 - 12, 2014) ICFPT is the premier conference in the Asia-Pacific region on field-programmable technologies including reconfigurable computing devices and systems containing such components. Field-programmable devices...