Espionage kit "Regin" dominates today's news. Symantec published a lengthy report on the stealthy, persistent, advanced malware over the weekend. Regin is being widely compared to Stuxnet, but (reflexive journalistic comparison to familiar stories aside) any similarity appears to lie not in functionality, but rather in sophistication and tentative attribution. As F-Secure notes, "for a change" the malware doesn't appear to originate in Russia or China, and other observers are talking about "Western intelligence services" — possibly the US and Israel. F-Secure notes that it found a version of Regin on a northern European Windows server in 2009. Symantec (which notes that it didn't name the malware, "Regin" being a malign actor in Norse mythology) thinks the kit may have been in active use as far back as 2006.
Other notes on cyber war include US concerns about China (as NSA Director Rogers's warnings about critical infrastructure sink in) and (again) Iran, and Indian worries about a Pakistani-ISIS link. ISIS continues its activity in social media on several fronts, but other instances of "crowd-sourced war" crop up elsewhere, notably in Ukraine. A demotically titled op-ed in the Verge argues that the damage done in cyber war is essentially collateral; perhaps cyber war is impossibly discriminate.
Anonymous is causing trouble in Canada with hits on official sites in Toronto and Ottawa. The proximate inspiration is apparently a teen's arrest for swatting: Anonymous objects to the arrest.
In industry news, analysts continue to review cyber stocks. Tenable may be prepping an IPO.
Today's issue includes events affecting Afghanistan, Austria, Belgium, Brazil, Canada, Chile, China, Ecuador, European Union, India, Iran, Iraq, Ireland, Israel, Democratic People's Republic of Korea, Republic of Korea, Mexico, Netherlands, New Zealand, Pakistan, Russia, Saudi Arabia, Syria, Ukraine, United Kingdom, United States.
We'll be observing the Thanksgiving holiday home with our families, and won't publish on Thursday or Friday. The CyberWire will reappear as usual on Monday, December 1.
The Regin Espionage Toolkit (F-Secure) Regin is the latest in the line of sophisticated espionage toolkits used to target a range of organizations around the world. As already reported, it's one of the more complex pieces of malware around, and just like many of the other toolkits it also has a long history behind it. We first encountered Regin nearly six years ago in early 2009, when we found it hiding on a Windows server in a customer environment in Northern Europe
Traces of Regin malware may date back to 2006 (IDG via CSO) Malware that Symantec says was probably developed by a nation state may have been used for as long as eight years, a length of time that underscores the challenges the security industry faces in detecting advanced spying tools
Intel boss' warning on cyber attacks no joke, say experts (Fox News) Top cybersecurity experts echoed a dire warning from a top intelligence chief on the vulnerability of the U.S. power grid, with one telling FoxNews.com that state-sponsored hackers could send America's nerve centers on an "uncontrollable, downward spiral"
Fears grow of Iran cyber attack (The Hill) Fears are growing that Iran will unleash cyber warfare on U.S. companies if negotiators are unable to reach a nuclear deal by Monday that would require Tehran to limit its nuclear program
Crowdsourced War (TechCrunch) At least 4,000 people have died in Eastern Ukraine, according to United Nations estimates, spilling roughly 5,000 gallons of blood on the nation's soil
India calls Islamic State a big threat on cyber world (Daily Times) India's Home Affairs Minister Rajnath Singh on Saturday blamed that terrorism in India was Pakistan-sponsored, hitting out at neighbouring country over Dawood Ibrahim, whom he described as the 'most-wanted criminal'
Gitmo 'Poet' Now Recruiting for Islamic State (Weekly Standard) An ex-Guantanamo detainee based in northern Pakistan is leading an effort to recruit jihadists for the Islamic State, an al Qaeda offshoot that controls large portions of Iraq and Syria
Hackers pledge more attacks (Ottawa Sun) The Anonymous hacker group that carried out Friday's cyber attack on City Hall has pledged attacks on eight more targets, including Ottawa Police and the Supreme Court
Hikvision DVRs sporting bugs that allow device hijacking (Help Net Security) A while back, SANS ISC CTO Johannes Ullrich discovered that cybercrooks were targeting Hikvision Digital Video Recorders (DVRs) in order to infect them with bitcoin-mining malware. They were successful because the DVRs come with a default administrative account "admin" with password "12345," and these are often left unchanged by users
Hacking RFID Payment Cards Made Possible with Android App (TrendLabs Threat Intelligence Blog) We recently encountered a high-risk Android app detected as ANDROIDOS_STIP.A in Chile. This app, found distributed through forums and blogs, can be used to hack into the user's RFID bus transit card to recharge the credits. What is the mechanism behind this, and what is the security risk of RFID payment cards in general?
Lookout Mobile Security Software Discusses NotCompatible Malware (Dumb Out) When mobile devices — nay, cell phones — started to make their way into the common public fray, security experts and researchers knew that it would only be a matter of time before these pieces of technology would become the target of malicious software like spam and malware
Vaporizer chargers can contain malware (Webroot Threat Blog) Vaporizers (AKA E-cigarettes) have been gaining some serious traction and widespread use over the past few years. The sudden surge of popularity isn't too surprising considering the fact that the health implications of nicotine consumption are vastly more favorable with vaporizers when compared to traditional cigarettes
Companies urged to 'consider the risks' of non-computing devices connected to global networks (Canadian Underwriter) There is an increase in the number of cars, industrial control systems and other non-computing devices that are connected to a global computer network, some of these devices are sold without "thorough security and functional testing" and are therefore "easier targets" for criminals than personal computers, yet most corporate information technology departments "are not responsible" for managing the security of such devices, IBM Corp. warned in a recent report
Bulletin (SB14-328) Vulnerability Summary for the Week of November 17, 2014 (US-CERT) The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information
Security Patches, Mitigations, and Software Updates
Cyberwar is bullshit (Verge) As governments build stronger and smarter digital weapons, we're all collateral damage
Financial services cyber trends for 2015 (Help Net Security) If 2014 was the "year of the breach," then what future cybersecurity threats await us? What's the next mode of attack, and how much worse will it be? That's the question on the minds of financial services companies as they invest in cyber protection measures, manage growing customer concerns and try to predict what's next
Why Palo Alto Networks Rallied 87% in 2014 (Motley Fool) Palo Alto Networks' (NYSE: PANW) stock has soared 87% in 2014, easily outperforming its industry peers and the overall market. What fueled that massive rally, and will the stock keep climbing in 2015?
Verint Is A Highly-Rated Economic Castle (Seeking Alpha) Let's have a look at Verint, one of the highest-rated economic castles in our coverage. We think the strongest companies on a fundamental basis are ones that generate the most value for shareholders
Splunk Jumps On A Rock Solid Quarter (Motley Fool) Unstructured data specialist Splunk (NASDAQ: SPLK) has had a rather turbulent year. After peaking at $106 in February, shares pulled all the way back to $40 as names in big data briefly fell out of favor. Well, shares have been on the road to recovery for a few months now, and Splunk just reported strong earnings that are giving its recovery even stronger legs
IBM Stock: Will This New Technology Kick-Start Big Blue? (Motley Fool) At this point, IBM's (NYSE: IBM) struggles have been well documented. As CEO Ginni Rometty and team continue the company's transition from old-school technologies such as hardware and PC-related solutions — IBM's former bread and butter — anxious investors are quickly running out of patience. One look at IBM's stock price, which is hovering at or near 52-week lows, speaks volumes
Northrop Grumman Launches Cyber Center (National Defense) Northrop Grumman, in an effort to address its clients' most dangerous cyber threats, announced on Nov. 19 the launch of its new Advanced Cyber Technology Center
Malcovery's Phil Compton Named CFO of the Year (PRWeb) Malcovery Security, the leading provider of cyber threat intelligence, announced today that its Chief Financial Officer, Phil Compton, was named the 2014 CFO of the Year, in the "For-Profit Small" category, by the Pittsburgh Business Times
Thales Board To Select New Chief Executive (Defense News) Thales will hold a board meeting on Monday to choose a successor to Chairman Jean-Bernard Levy, who is leaving the defense electronics company to take the top job at utility giant Electricité de France (EDF), a company executive said
We compare BitDefender Antivirus with Panda Global Protection 2014 (Gamer Headlines) In the modern day and age of the use of firewalls and security software is becoming incredibly important for individuals who want to keep their computer safe and their data secure. In this review we will take a look at two high-quality security tools and will outline the features on the way in which they can be used. We also outline their level of protection and will decide which one is the best. In this review will compare the Panda Global Protection 2014 with the BitDefender Antivirus
KEMP ships new Application Firewall Pack (Channel EMEA) KEMP Technologies has launched a new Application Firewall Pack (AFP) for its LoadMaster™ range of load balancers and Application Delivery Controllers (ADCs). By integrating Web Application Firewall (WAF) and other security services, KEMP enables secure, scalable and always-on workload delivery in a single ADC and load balancing solution
BillGuard And Experian Partner For Consumer Protection (Forbes) BillGuard, which offers free monitoring of credit and debit card activity and notifies users of fraud and unauthorized charges, has partnered with the identity theft prevention of Experian to provide a comprehensive service for consumers whose cards may have been compromised in data breaches like Target and Home Depot
An Introduction to Cyber Intelligence (DarkMatters) This is the beginning of a short blog series on the topic of cyber intelligence, its sub-disciplines, and its uses. As an Adjunct Lecturer at Utica College, I teach graduate students in the M.S. Cybersecurity program on topics including cyber intelligence and cyber counterintelligence
How CSOs Can Help CIOs Talk Security to the Board (CIO) CIOs aren't necessarily security experts, but that doesn't mean they can't speak intelligently to the company's board of directors. The key is getting a little coaching from the CSO about how and what to communicate
When Panic Leads to Poor Decisions (SecurityWeek) We've all been there before. Something unforeseen happens that triggers a panic response. More often than not we look back at that response and wish we could have done things differently
Design and Innovation
Did the NSA Outline Bitcoin in 1996? (Cryptocoins News) The NSA was one of the first organizations to describe a Bitcoin-like system. About twelve years before Satoshi Nakamoto published his legendary white paper to the Metzdowd.com cryptography mailing list, a group of NSA information security researchers published a paper entitled How to Make a Mint: the Cryptography of Anonymous Electronic Cash in two prominent places, the first being an MIT mailing list and the second being much more prominent, The American Law Review (Vol. 46, Issue 4)
Hamradiocoin: Crypto via Radio, Alternative Blockchain Channel (Cryptocoin News) HamRadioCoin utilizes the traditional Ham radio mesh to serve modern blockchain technology. This provides the blockchain and cryptocurrency with the first real alternative channel — a communications network that is both standardized and global. Ham radio has been in existence for over 80 years and who could have thought that its global array of operators would emerge as the perfect candidate for providing a P2P alternative to the internet. As we'll explore below, the invaluable role of Ham radio extends its utility into science fiction as the "old" radio combines with the "new" blockchain
Radware Launches Hybrid DDoS Attack Protection Solution (SecurityWeek) Radware, a company best known for its DDoS attack mitigation and application delivery appliances, this week announced a new hybrid solution designed to help enterprise organizations detect and protect against sophisticated and volumetric DDoS attacks
Viscount Systems secures second U.S. patent for IT-centric Freedom Access Control platform (Security Info Watch) Viscount Systems, a leading provider of IT-based security software and services, announced today it has received a second U.S. patent for its Freedom Access Control solution, building on the technology's strong IP foundation. U.S. Patent 8854177 B2 outlines the system and method for storing user permissions for multiple disparate physical devices in a unified permissions database, connected to a network in common with the products
US Army to task Novetta subsidiary with active authentication R&D (Planet Biometrics) The Mission and Installation Contracting Command at West Point has revealed that it intends to award a contract to IBG, a Novetta Solutions Company, for the development of a biometric authentication system based on so-called "active authentication" research
Ocoee High starts cyber-security team (West Orange Times and Observer) With an influx of viruses and hacks compounding by the minute in the digital age, enhanced cyber security has become a high priority for the U.S. military
Legislation, Policy, and Regulation
Digital Privacy Is "The New Frontier Of Human Rights" (TechCrunch) The impact of mass, digitally-enabled state surveillance upon individuals' privacy has been described as "the new frontier of human rights" by Member of the European Parliament, Claude Moraes, who was giving an annual lecture on behalf of the Centre for Research into Information, Surveillance and Privacy at the London School of Economics on Friday
Extensive Network of Secret Chinese Military Units Attack US on Daily Basis (Epoch Times) An army is attacking the United States. Its war is being waged without bullets or fanfare. Denied by its government, these soldiers operate in shadows and in silence. Yet, glimpses of their operations are seen on a daily basis — hackers and spies attacking and stealing from U.S. businesses and the U.S. government
Brazil doubles down on cyber security? (Open Democracy) The out-sized military response risks compromising citizens' fundamental rights. If Brazil is to build a cyber security system fit for purpose, an informed debate is imperative
Cyberwarfare and NZ (Radio New Zealand) As New Zealand faces an increasing number of cyber attacks, security experts say it's getting more difficult to counter them
Gov't pushing to elevate cyber warfare into military operations (Korea Herald) The government has been pushing to categorize cyberspace operations as de facto military ones under the control of the Joint Chiefs of Staff (JCS) commander as part of efforts to boost capabilities to counter growing security threats online, defense ministry officials said Monday
AP Sources: Hagel resigning as Defense secretary (AP) Defense Secretary Chuck Hagel is stepping down from President Barack Obama's Cabinet, senior administration officials said Monday, following a tenure in which he has struggled to break through the White House's insular foreign policy team
Cybersecurity was missing in action on Election Day (The Hill) In the run-up to the recent election, there were many discussions of issues like the Islamic State in Iraq and Syria (ISIS), immigration, the Ebola virus and the Keystone XL pipeline, just to name a few. The one area missing from the pre-election dialogue: a serious discussion about cybersecurity
A divided GOP wrestles with national security and civil liberties (SFGate) The coming Republican majority in Congress will have another debate to add to the pile of questions about how it will run Capitol Hill. After voting down a reform of national security laws, GOP Senate forces need to come up with their own rules governing domestic spying, civil liberties and antiterrorism
Rand Paul's Anti-NSA Campaign Backfires (Right Side News) Michael Hirsh is a Politico reporter who occasionally stumbles on the truth. In a piece on how the anti-NSA campaign has run out of gas, he says the critics of the intelligence agency have failed to come up with "actual instances of state abuse of surveillance" in the United States
CIA Director John Brennan considering sweeping organizational changes (Washington Post) CIA Director John Brennan is considering sweeping organizational changes that could include breaking up the separate spying and analysis divisions that have been in place for decades to create hybrid units focused on individual regions and threats to U.S. security, current and former U.S. intelligence officials said
EFF Joins the Call for a NIST We Can Trust (EFF) It's looking like we might be on the brink of another crypto war. The first one, in the 90s, was a misguided attempt to limit the public's access to strong, secure cryptography. And since then, the reasons we need the good security provided by strong crypto have only multiplied. That's why EFF has joined 20 civil society organizations and companies in sending a letter to the National Institute of Standards and Technology (NIST) to "re-emphasize the importance of creating a process for establishing secure and resilient encryption standards, free from back doors or other known vulnerabilities"
Campaign Seeks to Dry Out the National Security Agency (TruthDig) "The American surveillance state has an Achilles Heel," organizers of the OffNow campaign say. "We can thwart mass surveillance without relying on Congress or [the] Supreme Court" by passing legislation that stops "the flow of state supplied water and electricity to federal agencies conducting mass, warrantless surveillance"
For Army cyber, it's on-the-job training (FCW) The command sergeant major who is helping the Army develop its new branch for cybersecurity issues is confident that, despite the organizational challenges, the command can meet Army leaders' expectations for improving the service's cybersecurity capabilities
Convicted ID Thief, Tax Fraudster Now Fugitive (KrebsOnSecurity) In April 2014, this blog featured a story about Lance Ealy, an Ohio man arrested last year for buying Social Security numbers and banking information from an underground identity theft service that relied in part on data obtained through a company owned by big-three credit bureau Experian. Earlier this week, Ealy was convicted of using the data to fraudulently claim tax refunds with the IRS in the names of more than 175 U.S. citizens, but not before he snipped his monitoring anklet and skipped town
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
DefCamp5 (Bucharest, Romania, November 25 - 29, 2014) DefCamp is the most important conference on Hacking & Information Security in Central Eastern Europe. The goal is bringing hands-on talks about latest research and practices from the INFOSEC field, gathering...
SINET 16 (Washington, DC, USA, December 3 - 4, 2014) Innovative solutions frequently come from new and emerging companies. Each year, SINET invites sixteen innovative Cybersecurity companies to present their technology solutions to a select audience of prominent...
Healthcare Cyber Security Summit 2014 (San Francisco, California, USA, December 3 - 10, 2014) SANS is teaming up with the National Health Information Sharing & Analysis Center (NH-ISAC) to offer the 2nd Annual Healthcare Cyber Security Summit
(ISC)² Security Congress EMEA (London, England, UK, December 8 - 10, 2014) Building on the experience of the US-based (ISC)² Security Congress, now in its fourth year, (ISC)² Security Congress EMEA will offer a complementary and unique opportunity within the Europe Middle East...
ACSAC 30: Annual Computer Security Applications Conference (New Orleans, Louisiana, USA, December 8 - 12, 2014) ACSAC is more than just high quality, peer-reviewed research (though our 2013 acceptance rate was barely 19%). Our comprehensive program also includes training, case studies, panels, workshops, posters,...
Tax Incentives for Cybersecurity Businesses (Elkridge, Maryland, USA, December 9, 2014) Learn the details and take the opportunity to ask questions of leading experts on how to apply for tax credits (including cyber, research, security clearance, and secured space tax credits) and get the...
Cybersecurity 2015: Beyond the Breach (Washington, DC, USA, December 9, 2014) With each new cybersecurity attack businesses lose millions, governments lose information and citizens lose trust. At the end of a year where these attacks regularly dominated headlines, what's ahead for...
ICFPT 2014 (Shanghai, China, December 10 - 12, 2014) ICFPT is the premier conference in the Asia-Pacific region on field-programmable technologies including reconfigurable computing devices and systems containing such components. Field-programmable devices...