A long-running Russian cyber espionage campaign ("Sandworm," as it's been named by iSight) is uncovered targeting NATO and other organizations. The campaign operated for five years against actual and potential opponents of Russia's slow-motion re-engorgement of the Near Abroad. Sandworm exploited a Microsoft Windows zero-day; its malware is linked to the BlackEnergy kit.
Chinese security services succeed in compromising sites associated with Hong Kong's pro-democracy umbrella protesters. Those services also continue actions directed against Australian businesses. The US State Department looks askance at New York hotel acquisitions by the Anbang Insurance Group, thought closely associated with the PRC's ruling party.
Snowden levels fresh accusations of widespread surveillance at Britain's GCHQ. New Zealand's Five Eyes participation is also mentioned in dispatches.
The Syrian Electronic Army may be offering its own operating system, "SEANux." If they are, well, caveat emptor.
Tensions between India and Pakistan find continuing expression in cyber rioting.
Some possible good news from Uganda: the US Army says information campaigns are prompting mass defections from the bizarre, deplorable Lord's Resistance Army, long known for its record of atrocity and conscription of child-soldiers.
Shellshock remains a threat, turning up in Siemens industrial software.
K-Mart discovered a paycard breach Thursday, disclosing it first to the SEC, then generally in a press release Friday. The company and law enforcement are investigating.
Europol warns of Russian gang chatter auguring social engineering prep for a major attack on Western banks.
Snapchat's ephemeral photos endure, and leak. Dropbox suffers a compromise via a third-party site.
Today's issue includes events affecting Australia, Bahrain, China, Denmark, European Union, Germany, India, Ireland, Democratic People's Republic of Korea, Republic of Korea, NATO, New Zealand, Pakistan, Poland, Russia, Saudi Arabia, Spain, South Sudan, Syria, Uganda, Ukraine, United Arab Emirates, United Kingdom, United States.
China ramps up spying on Australian business(Financial Review) Hackers are avoiding detection by working Australian business hours (except during Chinese holidays). Mandiant, a cyber security firm famous for identifying a Chinese military group called "APT1" that spied on hundreds of global targets, claims it has "definitive new evidence" that high-end Chinese hackers have been stealing secrets from Australian companies this year
Snowden Attacks "Anything Goes" Privacy Intrusions Of British Spy Agencies(TechCrunch) In what amounts to a wake up call directed at a British public generally considered apathetic on privacy issues, NSA whistleblower Edward Snowden has warned that U.K. spy agencies are using digital technology to conduct mass population surveillance without any checks and balances at all — overreaching and encroaching on privacy rights in a way that he characterized as even worse than the U.S. National Security Agency's inroads into citizens' rights
NZ faces claims of spying on friends(New Zealand Herald) New documents released by NSA whistle-blower Edward Snowden suggest New Zealand's embassies have been involved in spying on friendly nations on behalf of the United States, just as this country is seeking all the support it can get to win a seat on the United Nations Security Council
Cyber Security Woes Continue To Haunt Companies(Bidness etc.) Sears Holdings Corp's (SHLD) discount department store chain, Kmart, got its name added to the list of companies molested by hackers this year. The retailer claims to have lost debit and credit card data in a cyber breach that is reported to have started in September. The company is yet to discover the exact extent of the hacking incident
Europol Warns of Russian Gangs Plotting Billion Dollar Attack(VPN Creative) Europol has warned that criminals are planning a billion dollar cyber attack on major financial institutions in the world. This warning comes at a time when banks in the US are already reeling from the security breach at JPMorgan Chase
Insider Threats Could Rise as Hackers Troll Social Media(SIGNAL) The recent rash of cyberattacks on major U.S. companies has drawn renewed focus on network vulnerabilities, both in commercial and governmental sectors, and not just on external attackers but on potentially more ominous threats posed by insiders
The number of JPMorgan hackers' targets rises(Help Net Security) The distressing news that the JPMorgan Chase breach resulted in the compromise of data of some 76 million households and 7 million small businesses may be soon followed by more unwelcome announcements of the same kind
Researcher Uncloaks 'Zero-Day' Worm That Can Spread Over All Your Social Networks(Forbes) Imagine it's possible to force a victim's browser to effectively create malware "on-the-fly" that would hand over control of the PC, phone or tablet to a hacker. Now imagine this could be done by having the target click on a link for a domain as popular and trusted as Google.com, and then executing an ostensibly legitimate file. This is, according to Trustwave SpiderLabs security researcher Oren Hafif, a real possibility
YouTube Ads Lead To Exploit Kits, Hit US Victims(TrendLabs Security Intelligence Blog) Malicious ads are a common method of sending users to sites that contain malicious code. Recently, however, these ads have showed up on a new attack platform: YouTube
Snapchat Hack Involved Undocumented API(ProgrammableWeb) Snapchat is blaming unofficial, unauthorized apps for an apparent hack that has resulted in thousands of nude photos of users being released on 4chan, the same online forum where nude celebrity photos taken from hacked iCloud accounts were released
A Closer Look at DYRE Malware, Part 2(TrendLabs Security Intelligence Blog) In the first part of this series, we discussed both the routines and entry point of the banking malware DYRE. However, information theft isn't the last step for this malware. It turns out this malware is also involved in yet another scheme — the parcel mule scam
FinFisher Malware Analysis — Part 3 (Last)(Coding and Security) I've already covered most parts of the FinFisher malware in the last two articles (part 1, part 2). This time, in this article, which is the last article related to FinFisher, I'll cover the last important tricks, methods and techniques used by FinFisher
Bahraini Activists Hacked by Their Government Go After UK Spyware Maker(Wired) Mohammad "Moosa" Abd-Ali Ali sensed something was wrong when he looked down at the Facebook history on his phone. It was in 2011, during the time of the Arab Spring, and the app showed that he'd exchanged a series of messages with a friend. The messages asked his friend where she was, what the location and time of a planned meeting with a group of their friends was, and who would be at the meeting
Who's Watching Your WebEx?(KrebsOnSecurity) KrebsOnSecurity spent a good part of the past week working with Cisco to alert more than four dozen companies — many of them household names — about regular corporate WebEx conference meetings that lack passwords and are thus open to anyone who wants to listen in
Dropbox bug left some users without their stored files(Help Net Security) Popular file cloud hosting service Dropbox has been sending out emails to a "small number" of its customers, explaining that some of their files have been irretrievably lost because of a bug in its Selective Sync feature
Being a script kiddie easier than ever(SC Magazine via IT News) The recent unravelling of a phishing email campaign shows that even less skill and effort is required today to exploit thousands of users via canned code traded on Facebook and other internet forums
J.P. Morgan CEO: Cybersecurity Spending to Double(Wall Street Journal) J.P. Morgan Chase & Co. Chairman and Chief Executive James Dimon said the bank would double spending on cybersecurity over the next five years, his first public remarks following the data breach that hit the nation's largest bank this summer
Merck's VC unit invests in data security business(FierceBioTechIT) With report after report finding flaws in the data security practices of healthcare and life science organizations, Exostar has decided to accelerate its expansion into the sector. And the company has snagged funding from the Merck Global Health Innovation Fund to support its plans
ESET announces new versions of flagship products(Channelline) Security software vendor ESET has launched the newest versions of its flagship security software products: ESET NOD32 Antivirus 8, which is the entry level product, and ESET Smart Security 8. Version 8 adds two significant changes, an improved Exploit Blocker which now adds protection against Java-based attacks, and a new Botnet Protection feature
Meet Anonabox, the tiny WiFi router that can anonymize everything you do online(BGR) Users looking to anonymize everything they do online in order to protect their privacy and/or hide from advertisers can always use the Tor browser, although their online experience might completely change once the switch to Tor is made. However, users who don't want to change their Internet surfing habits while making them more private should check out Anonabox, a tiny WiFi router that directs all data through the Tor network, protecting everything you do online, not just your browsing activity
Cyberattacks trigger talk of 'hacking back'(Washington Technology) The recent rash of cyberattacks on major U.S. companies has highlighted the scant options available to the victims, who often can do little more than hunker down, endure the bad publicity and harden their defenses in hopes of thwarting the next assault
Returning cyber fire(C4ISR & Networks) The topic of returning cyber fire has been discussed for years and continues to come up at a much more frequent pace. With all the high visibility cyber attacks that have occurred over the past several months, no one could blame people for being upset
In AppSec, 'Fast' Is Everything(Dark Reading) The world has shifted. The SAST and DAST tools that were invented over a decade ago are no longer viable approaches to application security
Can CDM change the game?(FCW) The Continuous Diagnostics and Mitigation program represents a dramatic shift from the government's traditional focus on certifying systems as secure and then rechecking them every so often
Identifying deceptive behavior in user-generated content(Help Net Security) In this interview, JT Buser, Manager of Authenticity and Fraud at Bazaarvoice, talks about challenges involved in identifying deceptive behavior in user-generated content as well as interesting techniques he's seen scammers use
VeraCrypt a Worthy TrueCrypt Alternative(eSecurity Planet) A fork of TrueCrypt's code, VeraCrypt strengthens the open source encryption software's transformation process and addresses other weaknesses
What you should consider when choosing a password manager(IDG via CSO) Many security experts feel that passwords are no longer sufficient to keep online accounts safe from hackers, but we're still a long way from widespread adoption of biometrics and alternative methods of authentication
CSAM: Be Wary of False Beacons(Internet Storm Center) Hunting for evil in network traffic depends on the analyst's ability to locate patterns and variances in oceans of data. This can be an overwhelming task and relies on fundamental knowledge of what is considered normal on your network as well as your experience-based intuition
For or Against: Port Security for Network Access Control(Internet Storm Center) I had an interesting discussion tonight with fellow handler Manuel on the pros and cons on port security as it relates to Network Access Control. I thought it would be interesting to see where others in the security field stand on the issue. Is it worth the effort or not? Is it a valuable tool in Defense in Depth? Here are some of the For and Against arguments we discussed
EFF Launches New Anti-Surveillance Site(Threatpost) The EFF has launched a new site dedicated to educating users about how to resist pervasive surveillance online, through the promotion of encryption and other tools and the publication of first-person stories from people around the world who have fought surveillance in various ways
Twenty five years of firewall innovation(Help Net Security) When the internet was first launched on a mass scale back in the late 80s, it is understandable that the technology industry got more than a little excited — the way we communicate and thus the entire world around us was being changed for good. But there was one problem: the internet was not designed with security in mind
10 Ways to Protect Your Home Network from Hackers(Yahoo! Tech) Protecting your family's digital assets used to be easy. You just turned on your PC's built-in firewall settings and turned on an antivirus program. As long as you didn't install strange software or do anything stupid, you were usually OK
ASIO powers are no threat to journalists(The Australian) The National Security Legislation Amendment Bill (No 1), which was passed by the House of Representatives a fortnight ago, is the most important single reform to the powers of ASIO in a generation. It is 35 years since the last time the powers of our principal national security agency were the subject of a comprehensive review, following the Hope royal commission, in 1979
White House working around cyber bill impasse(Federal Times) As time runs out for Congress to pass cyber legislation before next year, White House officials are looking for ways around Capitol Hill's inability to enact policies to secure government networks and critical infrastructure
Recruitment, retention focus of Fort Gordon's new cyber command(Augusta Chronicle) Under the pressure of a rapidly changing cyber network, the military needs to come up with innovative practices to recruit and ensure retention of highly-skilled and trained soldiers, the commanding general of Army Cyber Command said Monday
AUSA: Army wrestles with talent amid cyber force build-up(C4ISR & Networks) As the Army assembles a 6,000-person-strong cyber mission force in the next two years, officials are trying to determine the best way to attract, organize and maintain the cyber talent required to secure Defense Department networks
I want government to have access to your data. Here's why.(ITProPortal) ITProPortal is in Brussels at the 27th annual Information Security Solutions Europe Conference (ISSE), one of Europe's largest gatherings of cyber security experts. Troels Oerting of the Danish police gave a fascinating opening keynote defending the right of the police to use surveillance over the Internet. It certainly ruffled some feathers in Brussels, but here are some of the highlights so you can make up your own mind
Even a Golden Key Can Be Stolen: Inside Apple's Encryption Decision(Gizmodo) Since Apple first announced three weeks ago that it was expanding the scope of what types of data would be encrypted on devices running iOS 8, law enforcement has been ablaze with indignation. When Google followed suit and announced that Android L would also come with encryption on by default, it only added fuel to the fire
Google reports on "right to be forgotten" requests(Help Net Security) Nearly a month after the release of the latest Google Transparency Report, which showed that government demands for user information have risen 150% over the last five years, a new section has been added that shows how many European privacy requests for search removals have been received by the company
Meet Profile Engine, the "spammy" Facebook crawler hated by people who want to be forgotten(Quartz) Google's latest report on its implementation of the European "right to be forgotten," which allows people to petition to have search results on them removed, shows a backlash against the ubiquity of information about people and their lives floating around on social networks. Facebook had the most Google search results expunged. The second-most requested site is possibly one you have never heard of
Judge Rejects Defense That FBI Illegally Hacked Silk Road — On a Technicality(Wired) Lawyers for Ross Ulbricht have spent the last two months shifting the focus from their client, charged with creating the billion-dollar drug market the Silk Road, and putting it onto the potential illegality of the FBI's investigation. Now the judge in that case has spoken, and it's clear she intends to put Ulbricht on trial, not the FBI
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Hack-in-the-Box Malaysia(Kuala Lumpur, Malaysia, October 13 - 16, 2014) HITBSecConf or the Hack In The Box Security Conference is an annual must attend event in the calendars of security researchers and professionals around the world. Held annually in Kuala Lumpur, Malaysia...
FS-ISAC Fall Summit 2014(Washington, DC, USA, October 13 - 16, 2014) The Financial Services Information Sharing and Analysis Center (FS-ISAC), is a non-profit association comprised of financial institution members, that is dedicated to protecting the global financial services...
CYBERSEC 2014: CYBERSEC is a 4-day event geared toward helping you achieve your cybersecurity goals. Whether your focus is on cybersecurity management, investigation, defense, or offense we are offering specialty cybersecurity...
Black Hat Europe 2014: The premier conference on information security returns to the beautiful city of Amsterdam, Netherlands in October, 2014. Professionals from all over the world gather for two days of intense Trainings and...
Denver SecureWorld(Denver, Colorado, USA, October 16, 2014) A day of cyber security education. Earn 6-8 CPE credits, network with industry peers, and take advantage of more than thirty educational events. Over the past decade SecureWorld has emerged as one of North...
TechCrunch Disrupt Europe Hackathon(London, England, UK, October 18 - 19, 2014) For the second year in a row, TechCrunch is jumping across the pond and bringing the iconic Disrupt and our Hackathon to Europe. We're heading your way, London
U.S. Army ITA Security Forum(Fort Belvoir, Virginia, USA, October 20, 2014) The U.S. Army Information Technology Agency Security Forum is taking place at the Ft. Belvoir site and will be a one day event focusing on cyber security education and training for the workforce. The...
CSEC 2014 Cyber Security Summit(Kingdom of Bahrain, October 20 - 22, 2014) At the Inaugural Cyber Security Summit 2014, you will have the opportunity to seek ways to reset your IT security and risk strategy for success; stay relevant as IT security and risk are redefined; implement...
2014 ICS Cyber Security Conference: The 14th ICS Cyber Security Conference (sometimes known as "Weisscon") will be held October 20-23, 2014 at Georgia Tech in Atlanta, GA. Cyber Security is becoming a critical infrastructure issue with implications...
Cyber Security Summit 2014: Cyber security breaches have a profound impact on all areas of society. Join the discussion at Cyber Security Summit 2014. For two days, leaders from the public and private sectors meet to identify cyber...
Secure 2014(Warsaw, Poland, October 21 - 23, 2014) NASK and CERT-Polska offer this conference on telecommunications and IT security. Speakers from government, industry, and universities around the world will offer insights into research, policy, and security...
Hack.lu 2014 (Dommeldange, Luxembourg, October 21 - 24, 2014) Hack.lu is an open convention/conference where people can discuss about computer security, privacy, information technology and its cultural/technical implication on society
ISSA International Conference(Orlando, Florida, USA, October 22 - 23, 2014) Join us for solution oriented, proactive and innovative sessions focused on security as a vital part of the business.
ToorCon San Diego(San Diego, California, USA, October 22 - 26, 2014) For hackers like you, because what could possibly go wrong?
DOE Germantown Cybersecurity Awareness Day(Germantown, Maryland, USA, October 23, 2014) The Department of Energy Germantown Building will be hosting a Cyber Security Awareness Day featuring a technology expo. DoE will be looking for a wide range of cyber security industry experts to showcase...
Library of Congress Cybersecurity Awareness Expo(Washington, DC, USA, October 23, 2014) The Library of Congress (LOC) is hosting its annual cyber security awareness days during October and the exposition is an important part of their education and outreach effort to industry
NASA Glenn Research Center Cyber Security Expo(Cleveland, Ohio, USA, October 23, 2014) In recognition of National Cyber Security Awareness Month, an Awareness Day event will be held at Glenn Research Center in Cleveland, Ohio. This event will provide participants with information and resources...
FOCUS 14: Empowering the Connected World(Las Vegas, Nevada, USA, October 26 - 27, 2014) FOCUS will offer you a unique opportunity to learn directly from other McAfee users. Hear real-world scenarios from McAfee customers and learn how they maintain the highest standards of security while...
Cybergamut Tech Tuesday: Software-Defined Networking Security(Columbia, Maryland, USA, October 28, 2014) Security-Defined Routing combines cyber analytics and SDN to protect the network: SDR technology assists organizations in scaling the delivery of network traffic to analytic security applications. When...
USDA Cyber Security Symposium and Expo 2014(Washington, DC, USA, October 28 - 29, 2014) The Summit will provide participants with information and resources on today's vulnerabilities, incidents, security lifecycle, risks and mitigations; it will also identify ways to work together and build...
Cyber Security and IT Day at Fort Carson(Colorado Springs, Colorado, USA, October 28, 2014) The Information Systems Security Association (ISSA) Colorado Springs Chapter will once again host the 5th Annual Cyber Security & Information Technology Days set to take place at Fort Carson on Tuesday,...
Cyber Security and IT Days at Peterson AFB(Colorado Springs, Colorado, USA, October 29, 2014) The Information Systems Security Association (ISSA) Colorado Springs Chapter will once again host the 5th Annual Cyber Security & Information Technology Days. Government and Industry experts will be on...
Dallas SecureWorld(Dallas, Texas, USA, October 29 - 30, 2014) Offering two days of cyber security education. Earn 12-16 CPE credits, network with industry peers, and take advantage of more than sixty educational events. Over the past decade SecureWorld has emerged...
Cyber Job Fair(Baltimore, Maryland, USA, October 29, 2014) ClearedJobs.Net is partnering with CyberMaryland to present the Cyber Job Fair at the CyberMaryland 2014 conference. The Cyber Job Fair is a hiring event for cleared and non-cleared cybersecurity professionals...
CyberMaryland 2014(Baltimore, Maryland, USA, October 29 - 30, 2014) Entrepreneurs, investors, academia and government will convene in Maryland — the nation's epicenter for cybersecurity for the fourth annual CyberMaryland Conference.
ekoparty Security Conference 10th edition(Buenos Aires, Argentina, October 29 - 31, 2014) ekoparty — Electronic Knock Out Party — Security Conference, is a one of a kind event in South America; an annual security conference held in Buenos Aires, where security specialists from all over Latin...
Cyber Risk Summit(Washington, DC, USA, May 22, 2014) This one-day leadership conference will provide a discussion forum for business executives, insurance companies and policymakers on more effective private and public responses to cyber risk management.
Senior Executive Cyber Security Conference(Baltimore, Maryland, USA, October 30 - November 1, 2014) North Star Group, LLC and the Johns Hopkins University's Whiting School of Engineering and Information Security Institute sponsor this senior executive focused cyber security conference. This event is designed...