Anonymous threatens China's government with a distributed denial-of-service (DDoS) campaign (scheduled for Sunday). Observers betting on form expect a fizzle; we shall see. DDoS operators have been altering their attack methods in response to improved defenses: "slow and smart" is how SC Magazine sees the evolution. Those curious about the DDoS mindset will find interesting C/Net's interview with "DerpTrolling," anti-corporate hacktivists who call themselves the "gods of the Internet."
Chinese authorities find time amid their busy repression of Hong Kong dissent to accuse the US (particularly the FBI) of "fabricating" stories of Chinese cyber attacks. The pious chiding fails to mollify those seeing an ongoing wave of IP theft.
Shellshock exploitation continues. Researchers note this family of vulnerabilities (for it's no single bug) may be exploited across a variety of attack surfaces.
Rovnix malware gets a new domain generation algorithm and improved command-and-control security. The Nuclear exploit kit also picks up fresh capabilities, including better obfuscation.
Dairy Queen is the latest victim of Backoff point-of-sale malware: 395 US stores were affected. Analysts seek lessons from other point-of-sale hacks as retailers work to rebuild customer trust.
More WordPress plug-ins are found vulnerable to cross-site scripting.
Snapchat users should look to their photos: Snapsave has been hacked, and at least 200,000 photos are loose.
Microsoft previews Patch Tuesday. Next week's will be the first since the dissolution of the company's Trustworthy Computing unit.
Symantec, as expected, is breaking up.
Europol looks at cybercrime and sees 100 evil geniuses, most of them in Russia.
Today's issue includes events affecting Australia, Brazil, China, Denmark, European Union, India, Israel, Japan, Norway, Russia, Singapore, United Kingdom, United States.
The CyberWire takes a break Monday in observance of Columbus Day. We'll resume normal publication Tuesday.
How Shellshock can be exploited over DHCP (Help Net Security) Attacks exploiting the Shellshock vulnerability (actually, vulnerabilities) are popping up daily, but while Shellshock attacks on web apps have been the most documented and discussed, attacks via other attack surfaces are possible, too
Rovnix Variant Surfaces with New DGA (Threatpost) Researchers have unearthed a new version of the Rovnix malware that has a couple of additional features, including a new domain generation algorithm and a secure transmission channel for communicating with the command-and-control servers
Evolution of the Nuclear Exploit Kit (Cisco Blogs) Exploit kits remain an efficient mechanism for cyber criminals to distribute malware. Such kits include exploits for multiple vulnerabilities within a single malicious webpage. Criminals can check operating systems, web browsers and browser plugins for anything that is not fully patched and launch an exploit specific to the out of date software
Malware needs to know if it's in the Matrix (Boing Boing) Once a security researcher discovers a new strain of malicious software — running a virtual machine on a test-bench — and adds its signature to anti-virus and network monitor blacklists, it's game over. So today's malware devotes enormous energy to figuring out if it's running on a real computer, or inside one of its enemies' virtual worlds
Dairy Queen Confirms Card Breach (BankInfoSecurity) Dairy Queen has confirmed that Backoff point-of-sale malware was used in a payment card breach that affected 395 of its 4,500 franchised U.S. locations
A Closer Look At DYRE Malware, Part 1 (TrendLabs Security Intelligence Blog) We're nearing the holiday season and some of you might be going for some early holiday shopping — checking your money to go for a shopping splurge. The holiday season also ushers in cybercrime activities that are typical this time of the year
Signed Malware = Expensive "Oops" for HP (KrebsOnSecurity) Computer and software industry maker HP is in the process of notifying customers about a seemingly harmless security incident in 2010 that nevertheless could prove expensive for the company to fix and present unique support problems for users of its older products
Is iWorm a Wake-Up Call for Mac Security? (Trend Micro: Simply Security) With various publications reporting tens of thousands of users affected around the world by iWorm, does your organization have a good Mac security plan? When iWorm has infected a Mac computer, the malware makes a connection with a command and control (C & C) server out on the Internet
How Hackers Withdraw Cash From ATM (Naij) A Russian security company, Kaspersky Labs, has discovered a flaw in cash machines that allows criminals to quickly steal cash from ATMs
Emma Watson leaked Facebook video delivers Trojans (Help Net Security) A new scam is taking advantage of Emma Watson's growing popularity and using the Harry Potter star as bait to spread malware on Facebook, warns antivirus solutions provider Bitdefender
When cybersecurity threats come from the inside (Washington Post) AT&T acknowledged earlier this week that in August an employee had gained unauthorized access to some customers' personal data — including Social Security and driver's license numbers
Privacy breaches in Europe (Help Net Security) Half of all the privacy breaches affecting people in Europe are inside jobs according to new research from Central European University
Security Patches, Mitigations, and Software Updates
SAP Patches Seven Vulnerabilities in Three Products (Threatpost) SAP pushed out patches to address seven vulnerabilities in three different lines of software it produces. If exploited, the bugs — which weren't disclosed until yesterday — could expose those running the systems to specialized attacks, information disclosure and in some cases, complete compromise
Critical infrastructure protection more necessary than ever in wake of JPMorgan cyber attacks (Companies and Markets) The scale of the National Security investigation into the cyber attacks on JPMorgan and other financial institutions this summer is highlighting the increased need to establish critical infrastructure protection from hackers. As national security is becoming as much threatened by cyber crime as it is physical violence, Western nations are increasing emphasis on cyber security and digital safeguards
Understand the Cost of Cyber Security Crime (HP) Explore the definitive 2014 Ponemon Cost of Cyber Crime study. Cyber crimes are growing more common, more costly, and taking longer to resolve. Those are among the findings of the fifth annual Cost of Cyber Crime Study conducted by the respected Ponemon Institute on behalf of HP Enterprise Security. The 2014 global study of U.S.-based companies, which spanned seven nations, found that over the course of a year the average cost of cyber crime climbed by more than 9% to $12.7 million for companies in the United States, up from 11.6 million in the 2013 study. The average time to resolve a cyber attack is also rising, climbing to 45 days, up from 32 days in 2013
An Advanced Approach to Enterprise Network Security (FierceITSecurity) New research from Frost & Sullivan shows many companies are struggling to keep their networks secure against rapidly evolving cyber threats. Despite increasingly sophisticated attacks and rising complexity in the technological and regulatory landscapes, companies still typically rely on outdated methods to keep data secure
IBM says most security breaches are due to human error (TechRepublic) A recently released report from computing giant IBM attributes some 95% of IT security breaches to human error and that over 75% of attacks are targeted at just five industries, proving when it comes to security, people are the real problem
Indian companies concerned about cyber attacks (Deccan Chronicle) Companies in China, Hong Kong and India have reported the highest number of cyber attacks linked to nation-states, causing an estimated average financial loss of USD 2.7 million globally, according to a new survey
Cyber Espionage and the Digital Redistribution of Wealth (War on the Rocks) Since the computerization of modern business, intellectual property (IP) theft in the U.S. has escalated to unprecedented levels. According to the former commander of the U.S. Cyber Command General Keith Alexander, the approximate economic loss to the U.S. amounts to $300 billion per annum. In a poignant statement to Congress, he referred to the escalating and widespread theft of U.S. trade secrets and intellectual property as "the greatest transfer of wealth in history"
Integrating IT security at the board level (Help Net Security) 2014 has seen an upsurge in public awareness of cybercrime, with a flurry of high-profile security breaches hitting the headlines. The sensationalised coverage of the Heartbleed and Shellshock bugs struck fear into the hearts of businesses and consumers alike, while a cyber-attack to eBay led to the theft of around 145 million usernames and encrypted e-mail addresses, proving that an organisation is never too big to fall prey to cybercriminals. These breaches are not likely to subside anytime soon
Symantec splits amid cyber competition (Financial Times) Symantec, the business best known for Norton antivirus software, is splitting into two publicly traded units, as it struggles to compete against a new generation of cyber security companies
HP rivals expected to exploit split move (MicroSoft) HP's rivals are expected to sow channel unease following the announcement that the vendor is splitting as they look to rock the boat with both partners and customer
Rackspace hires cyber security chief (San Antonio Business Journal) In the wake of the increasing numbers of cyber attacks on U.S. companies, Rackspace has hired a former Air Force lieutenant colonel with 30 years of experience in security to lead its cyber security efforts
ThreatStream™ Launches the ThreatStream Alliance and Announces the ThreatStream Alliance Preferred Partner (APP) Store (Virtual Strategy) ThreatStream™, a threat intelligence platform that prioritizes threats and facilitates trusted threat sharing, today announced the launch of the ThreatStream Alliance Preferred Partner (APP) Store, a threat-intelligence marketplace focused on delivering premium threat intelligence to an organization's already existing security infrastructure. Preferred partners in the Alliance include many market-leading threat intelligence vendors: CrowdStrike, Emerging Threats, Farsight, FlashPoint, Reversing Labs, Team Cymru and Webroot. The APP Store allows ThreatStream customers the ability to trial and subscribe to a growing number of threat intelligence feeds. With more comprehensive threat and vulnerability data, organizations can improve protection against cyber attacks and more
ESET Smart Security 8 (PC Magazine) In the best security suites, all the components do their jobs well and work well together. The components of ESET Smart Security 8 ($59.95 per year; $79.99 for three PCs) are well-integrated, but their performance varies quite a bit
iSniff GPS WiFi Sniffing Tool (eHacking) iSniff GPS passively sniffs for SSID probes, ARPs and MDNS (Bonjour) packets broadcast by nearby iPhones, iPads and other wireless devices. The aim is to collect data which can be used to identify each device and determine previous geographical locations, based solely on information each device discloses about previously joined WiFi networks
Balabit finds security blind spots (Business Cloud) Using analytics to profile security risks is a hot topic at the moment. Outside of those selling big data solutions, Balabit is the first to deliver a workable solution
Advanced Defense Posture Assessment (Nige the Security Guy) Multi-dimensional Targeted Threats continue to evolve and exploit vulnerabilities that lead to significant loss of data and resources for organizations of all regions and sizes. These attacks are very much today's news. They represent a danger to an organization's intellectual property, financial assets and reputation
Cloud Computing Security Strategy Includes Cryptography (Midsize Insider) The movement of data and software services to the cloud has left some businesses feeling less secure. Skyhigh Networks brought together academic experts for the first industry-focused cryptography advisory board to provide insights on using encryption schemes as part of cloud computing security
Hackers Gather for Cyberwar in an Intense 48-Hour Sim (Wired) Locked Shields is among the world's preeminent cyber attack simulations. For two days, international teams of hackers and system admins play both sides of a war game, simultaneously attacking and defending critical infrastructure. The details are realistic, and the exercises reflect real-world geopolitics. It is a training ground for front-line operators in a rapidly evolving form of warfare in which network administrators at banks, electrical plants and government offices are as crucial to a country's defense as uniformed troops
BlackPhone Co-Founder Jon Callas On Mobilizing Privacy For The Mainstream (TechCrunch) BlackPhone co-founder Jon Callas is in London to give a talk at IP Expo — pitching the concept of a secure yet capable smartphone to IT decision makers who, wind back the clock a few years, would have unquestionably bought BlackBerry. Now there are a lot more question marks over that sort of business buying decision, given BlackBerry's downward trajectory
The ethics of Hacking 101 (Washington Post) At the University of Tulsa, professor Sujeet Shenoi is teaching students how to hack into oil pipelines and electric power plants
Legislation, Policy, and Regulation
China: US is Fabricating Cyber Attack Claims (International Business Times) Following the recent comments by FBI Director James Comey, who claimed the US loses billions of dollars each year due to Chinese hackers, China called the entire US ploy a "fabrication of facts"
National security implications for financial system cyberattacks? (FCW) As the White House ponders whether this summer's massive hack of the financial services industry was a targeted, sponsored attack by Russia or terrorists, a recently released Proofpoint study provides new details on how the "cybercrime infrastructure" of a criminal operation that targets U.S. and European banking systems can work
A conversation with White House cybersecurity czar Michael Daniel (Christian Science Monitor) Does the US lack cybersecurity manpower? Even if it adds thousands of security pros, can Washington stay ahead of the hackers? And how can the federal government compete for top talent with the likes of Facebook, Google, and Twitter?
The Secret Worries of the White House Cyber Czar (Fiscal Times) Every few months, at least, Americans are reminded — by their bank, a major retailer and even the government — to reset their log-ins, monitor their accounts and come up with even more inscrutable passwords for sensitive accounts. The problem is: Too few of us actually do it
Save the Secret Service: Remove it from the Department of Homeland Security (American Thinker) Recent Secret Service security incidents and the resignation of its Director have triggered Congressional calls for a top-down management review. Inasmuch as Secret Service reports to the Department of Homeland Security (DHS), one would hope that DHS does not manage that review. There is a clear need for competence and objectivity. The review should conclude that moving Secret Service back to the Treasury Department is essential to restoring its effectiveness
Former Head of N.S.A.: Snowden Is Helping Russia (Vanity Fair) At Vanity Fair's New Establishment Summit in San Francisco, retired General Keith Alexander, former director of the N.S.A., challenged the audience to "call up Putin and ask him a question like [N.S.A. whistleblower Edward Snowden] did." There would be, Alexander said, "zero chance he would answer the phone"
iPhone Encryption and the Return of the Crypto Wars (Schneier on Security) Last week, Apple announced that it is closing a serious security vulnerability in the iPhone. It used to be that the phone's encryption only protected a small amount of the data, and Apple had the ability to bypass security on the rest of it
Police thwarted by remote wiping of tablets and phones (Naked Security) The BBC has reported that several UK police forces have found that evidence has evaporated into thin air after tablets and mobile phones have been remotely wiped, even after suspects have been taken into custody
Alleged Russian Cyber-Criminal Now Charged in 40-Count Superseding Indictment (Office of Inadequate Security) A federal grand jury in Seattle returned a second superseding indictment late yesterday charging a Russian national with 11 additional counts and further detailing his alleged scheme to hack into businesses and steal credit card information for later sale over the Internet on "carding" websites
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
InfoSec 2014 (Kuala Terengganu, Malaysia, October 8 - 10, 2014) You are invited to participate in The International Conference on Information Security and Cyber Forensics (InfoSec 2014) that will be held at Universiti Sultan Zainal Abidin (UniSZA), Kuala Terengganu,...
Hacktivity 2014 (Budapest, Hungary, October 10 - 11, 2014) Official and alternative representatives of the information security profession meet with all those interested in this field in framework which is at the same time informal and informative, and sometimes...
Hack-in-the-Box Malaysia (Kuala Lumpur, Malaysia, October 13 - 16, 2014) HITBSecConf or the Hack In The Box Security Conference is an annual must attend event in the calendars of security researchers and professionals around the world. Held annually in Kuala Lumpur, Malaysia...
FS-ISAC Fall Summit 2014 (Washington, DC, USA, October 13 - 16, 2014) The Financial Services Information Sharing and Analysis Center (FS-ISAC), is a non-profit association comprised of financial institution members, that is dedicated to protecting the global financial services...
Denver SecureWorld (Denver, Colorado, USA, October 16, 2014) A day of cyber security education. Earn 6-8 CPE credits, network with industry peers, and take advantage of more than thirty educational events. Over the past decade SecureWorld has emerged as one of North...
TechCrunch Disrupt Europe Hackathon (London, England, UK, October 18 - 19, 2014) For the second year in a row, TechCrunch is jumping across the pond and bringing the iconic Disrupt and our Hackathon to Europe. We're heading your way, London
U.S. Army ITA Security Forum (Fort Belvoir, Virginia, USA, October 20, 2014) The U.S. Army Information Technology Agency Security Forum is taking place at the Ft. Belvoir site and will be a one day event focusing on cyber security education and training for the workforce. The...
CSEC 2014 Cyber Security Summit (Kingdom of Bahrain, October 20 - 22, 2014) At the Inaugural Cyber Security Summit 2014, you will have the opportunity to seek ways to reset your IT security and risk strategy for success; stay relevant as IT security and risk are redefined; implement...
Secure 2014 (Warsaw, Poland, October 21 - 23, 2014) NASK and CERT-Polska offer this conference on telecommunications and IT security. Speakers from government, industry, and universities around the world will offer insights into research, policy, and security...
Hack.lu 2014 (arc Hotel Alvisse, Luxembourg, October 21 - 24, 2014) Hack.lu is an open convention/conference where people can discuss about computer security, privacy, information technology and its cultural/technical implication on society