Assad's cyber operators remain remote-access Trojan specialists. ISIS demonstrates that bad guys also lose data when they lose laptops — a Dell captured from the caliphate in Syria reveals lurid plans-cum-fantasies of bioterror, mass death, etc. Iranian cyber operators lurk in the wings as US intelligence services keep a close watch on Tehran.
Pakistani dissidents cyber-riot against police repression.
Assessments of the JP Morgan hack range from an incipient cyber 9/11 to business as usual. JP Morgan and the FBI are keeping fairly mum during the investigation, but the bank has warned Louisiana regulators of a card breach (other warnings expected soon), and sources claim Russian criminal involvement (Evgeniy Bogachev, again). There does appear to have been some data corruption.
Hosting service Namecheap reports the CyberVor gang (believed to have obtained more than a billion records this summer) is now using stolen credentials to access accounts. This would be the first report of crime deriving from this large breach (but interestingly Hold Security, which first disclosed the theft, says it's not seeing the activity).
The leak at week's end of celebrity photos is interesting, not for the squalid voyeurism it facilitates, but for what it says about security in clouds. The photos had been stored in iCloud, and Apple has patched that service's vulnerability to password brute-forcing. Investigation is still in its early stages; TechCrunch has an overview of what's actually known so far.
This week's NATO summit is expected to extend Article 5 (collective defense) to cyberspace. Russia is displeased.
Today's issue includes events affecting Canada, China, Estonia, European Union, Iran, Ireland, Mexico, NATO, Pakistan, Palestinian Territories, Russia, Syria, Ukraine, United Kingdom, United States, and Vietnam.
The CyberWire will be providing special coverage of the 2014 Cyber Security Summit, convening in New York on September 18. Watch for interviews and live coverage of Summit events.
Trailing the Trojan njRAT(McAfee Blog Central) One Trojan that just won't go away is the remote access tool njRAT. Microsoft recently took down a leading domain associated with the malware, but that action did not come off as smoothly as the company hoped. We closely track this remote access tool (RAT) and see a rise in its popularity every year
JPMorgan attackers altered bank records(Help Net Security) The number of US banks that have apparently been targeted and breached by hackers is slowly rising, as newer reports say that seven financial organizations have been hit
Experts warn banks of more cyber attacks(Financial Times) The latest wave of cyber attacks against US banks highlights the persistent threat facing the global financial sector, as the number of so-called financial Trojans targeting banks more than tripled last year
A Cyber Attack in Wall Street: Is It Really the Russians Who Did It?(Food World News) Suspected Russian hackers launched a cyber attack on Wall Street firms such as JP Morgan Chase this month. The Federal Bureau of Investigation (FBI) is leading the investigation while other federal agencies like the National Security Agency (NSA) are reportedly helping in the case
Cyber attack 'could wreak as much havoc as 9/11 attacks'(Independent) Bankers and US officials have warned that cyber-terrorists will try to wreck the financial system's computer networks. Authorities in the US have launched an investigation following a so-called cyber attack on a number of institutions including against JP Morgan Chase, the banking giant
Here's What We Know So Far About The Celebrity Photo Hack(TechCrunch) As you will by now have probably read, around 100 women celebrities (including Jennifer Lawrence, Ariana Grande, Victoria Justice and Kate Upton) have had naked and explicit pictures seemingly hacked from their iCloud accounts and published online, first on 4Chan and now all over the place
Nude photo leak a chance for channel to talk cloud security(MicroScope) The revelations that a hack has led to a flood of naked celebrity pictures hitting the internet is a timely reminder that the channel must promote security to users considering placing sensitive and personal data in the cloud
Apple Isn't Responsible for Your Nude Selfies(Bloomberg View) What do you do if you're a celebrity and nude pictures you happened to store in the cloud are suddenly all over the Internet? We've seen the full spectrum of possible reactions, only one of which makes sense
IPv6 insecurities on "IPv4-only" networks(SWITCH Security Blog) When people hear about IPv6-specific security issues, they frequently tend to rate this as an argument in favour of delaying or avoiding IPv6 deployment on their enterprise or campus network
11 Steps Attackers Took to Crack Target(CIO) Aorato, a specialist in Active Directory monitoring and protection, delivers a step-by-step report on how attackers used the stolen credentials of an HVAC vendor to steal the data of 70 million customers and 40 million credit cards and debit cards from the retailer
Grindr app has privacy issues — who's surprised?(Naked Security) Popular gay dating app Grindr has been criticized for revealing the locations of its users in more detail than they might be expecting, and for allowing the identity of message senders to be spoofed
1900/UDP (SSDP) Scanning and DDOS(Internet Storm Center) Over the last few weeks we have detected a significant increase in both scanning for 1900/UDP and a huge increase of 1900/UDP being used for amplified reflective DDOS attacks
Security Patches, Mitigations, and Software Updates
Apple patches 'Find My iPhone' exploit(ZDNet) Apple has patched an exploit with its Find My iPhone online service that may have been used by hackers to gain access to personal photos stored on iCloud accounts belonging to some 100 celebrities
IT security is a matter of accountability(Help Net Security) For today's CEO, being the victim of criminal hackers is no longer just a source of embarrassment. Being hacked often carries legal ramifications and can even cost you your job. We live in the age of transparency, where "mega breaches" and data theft from an organization are increasingly hard to keep from the customer. It has never been more challenging for a CEO who must accept responsibility for IT security incidents, thoroughly assess the risks and remain vigilant to potential threats
Trends in Cyber Crime: A Look at the First Half of 2014(IT Business Edge) While security pros need clear insight into their organizations' vulnerabilities, internal analysis alone is not enough. Outward examination — such as who is attacking other members of your business sector with what kind of attack and how it is impacting them — is a critical component of an effective cybersecurity approach. Unfortunately, oftentimes, we spend too much time looking at only a small piece of the puzzle
Compensation and Interim Report 2014 Market Trends: Security(BarclaySimpson) This time last year, we reported that companies were coming to the recruitment market in increasing numbers and following through recruitment processes with realistic offers. Since then, an additional 800,000 people have been employed in the UK and the economy is forecast to grow by 3% in 2014. In this context, high profile cyber-attacks are provoking both corporate and public fear just as business investment is expanding at its fastest rate in six years. The security recruitment market is unlikely to ever have a more favourable backdrop than it currently enjoys
FireEye, Palo Alto Top Security Picks at Stifel; SYMC, CHKP, FTNT a Hold(Barron's) Shares of network security technology vendor FireEye (FEYE) are up 45 cents, or 1.5%, at $29.90, after Stifel Nicolaus's Gur Talpaz today initiates coverage of the group, giving FireEye and Palo Alto Networks (PANW) Buy ratings, and price targets of $45 and $100 respectively, and rating others in the group a Hold
Microsoft to close MSN service in China by October 31(Economic Times) Microsoft plans to close its Windows Live Messenger (MSN) service in Chinese mainland by October 31, amid a crackdown by authorities against the world's largest software firm over anti-monopoly violations
Bitglass Secures $25 Million in Series B Financing(SiliconIndia) Bitglass, a provider of data protection solutions for the enterprise has secured $25 million in Series B funding. Bitglass offers the industry's most complete solution, securing corporate data in the cloud, at access and on mobile devices. Founded in 2012, even when it was emerging from stealth in January 2014, Bitglass has enjoyed strong demand for its Total Data Protection solution
Cyber attack: Is your bank safe?(The Banker) From financially motivated cyber crime to politically influenced cyber warfare, the virtual threats to financial institutions are multiplying. Companies must respond by arming themselves against such attacks or else they risk losing their footing on the new digital battleground
Should you use cyber insurance to mitigate risk?(SC Magazine) While still a relatively immature industry, cyber insurance can reduce the costs of recovering from a breach, and, as Tony Morbin reports, it can also play a role in driving adoption of best practice, including de-facto standards in critical infrastructure
Insurance for When You Get Hacked(Bloomberg BusinessWeek) Question: In light of all the hacker attacks in the news, how often are smaller businesses targeted? Is there insurance that covers you in case of an attack?
Microsoft Adds The Ability to Search for Sensitive Data on SharePoint And OneDriv(International Business Times) Businesses can now use Microsoft Office 365 to share sensitive data within the organisation. Office Blogs reports Microsoft Office 365 has these necessary features for email with data loss prevention or DLP. The said features are already used in Exchange, Outlook and OWA together with a series of built-in sensitive data that can be used to search. Now, Microsoft is reportedly to expand these features to SharePoint and OneDrive
Lynis 1.6.0 — Security auditing tool for Unix/Linux systems(Kitploit) Lynis is an open source security auditing tool. Primary goal is to help users with auditing and hardening of Unix and Linux based systems. The software is very flexible and runs on almost every Unix based system (including Mac). Even the installation of the software itself is optional
ESET Cyber Security (for Mac)(PC Magazine) Despite what you may have heard, just because your computer is a Mac doesn't mean it's immune to malware or other digital attacks. That's why there are products like ESET Cyber Security ($39.95), which guards against online and network attacks in addition to viruses and other malware
McAfee Internet Security 2014 for Mac(PC Magazine) Stereotypical Mac users aren't concerned with security, but Mac malware is real and Web threats don't care what kind of computer you're using. That's why there are products like McAfee Internet Security 2014 for Mac ($79.99). This OS X application brings antivirus protection, along with safe Web browsing and firewall tools
Dodging Browser Zero Days — Changing your Org's Default Browser Centrally(Internet Storm Center) In a recent story about "what's a sysadmin to do?", we suggested that since our browsers seem to take turns with zero days lately, system administrators should have processes in place to prepare for when their corporate standard browser has a major vulnerability that doesn't yet have a patch
'Factorisation factory' smashes number-cracking record(New Scientist) The first tests of a "factorisation factory" have beaten the record for breaking gigantic numbers down into their prime-number building blocks. It might one day force firms to strengthen their online encryption
NATO Set to Ratify Pledge on Joint Defense in Case of Major Cyberattack(New York Times) When President Obama meets with other NATO leaders later this week, they are expected to ratify what seems, at first glance, a far-reaching change in the organization's mission of collective defense: For the first time, a cyberattack on any of the 28 NATO nations could be declared an attack on all of them, much like a ground invasion or an airborne bombing
Jacob Appelbaum explains surveillance to the EuroParl(BoingBoing) Jacob Appelbaum of the Tor Project and Wikileaks addressed the European Parliament on the issue of surveillance and freedom. It was a remarkable speech, even by Appelbaum's high standards. An amateur transcript gives you a sense of what's going on, but the video is even better: "Is it used for coercion? Is data passed to autocratic regimes? Is it used to study groups? Is it used to disrupt? Yes, yes, and yes. Might they force or forge data? Absolutely"
The Most Profound Shift in UK Commercial Insurance Law Ever(Willis Wire) It has been eight long years since The Law Commission and the Scottish Law Commission were asked to review UK insurance contract law. Much has been written and said on the subject of insurance contract law reform since then (including by me). Now at last the government has introduced a new insurance bill for consideration under a special fast-track parliamentary procedure
US Cyber-Spy Killed Himself Following FBI Investigation(International Business Times) A 33-year-old US Air Force cyber-security analyst took his own life the day after the FBI showed up to question him about why he had gathered sensitive data about an individual — including the voicemails of that person's boyfriend
Class Action Suit Over CHS Breach is Call to Action(Norse Blog) A handful of patients who were impacted by the recent Community Health Systems (CHS) data breach filed a class action suit against the healthcare giant in Alabama, and the company could be in store for even more in the wake of a data loss event affecting as many as 4.5 million people nationwide
Drug Market 'Agora' Replaces the Silk Road as King of the Dark Net(Wired) For two and a half years, the Dread Pirate Roberts and his Silk Road black market ruled the Dark Web. But last year's FBI takedown of that narcotics smorgasbord opened the underground trade to competitors. Now those sites have a new leader, one that's bigger than the Silk Road ever was and continues to grow explosively
Microsoft refuses to hand over overseas email(iol) A judge lifted a suspension on her order directing Microsoft to turn over a customer's emails stored overseas to US prosecutors, but the software company said it would not release any emails while it appeals the ruling
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
2014 Trusted Cyber Collaboration Workshop(Crystal City, Virginia, USA, September 24 - 26, 2014) The Trusted Cyber Collaboration Workshop, an opportunity for professional information sharing, and a vendor exhibition, is focused on secure collaboration among industry partners and their supply chain...
SECRYPT 2013(Vienna, Austria, September 2 - 4, 2014) The purpose of SECRYPT 2014, the International Conference on Security and Cryptography, is to bring together researchers, mathematicians, engineers and practitioners interested in security aspects related...
Build IT Break IT Fix IT: Break IT(Online, September 4, 2014) The Build it Break it Fix it security contest is a new security-oriented programming contest held by the Maryland Cybersecurity Center, Cyberpoint, and Trail of Bits. The Build it Break it Fix it security...
Security B-Sides Cape Breton(Sydney, Nova Scotia, Canada, September 5, 2014) Security B-Sides Cape Breton is an open platform that gives security experts, enthusiasts, and industry professionals the opportunity to share ideas, insights, and develop longstanding relationships with...
BalCCon2k14 (Balkan Computer Congress)(Novi Sad, Serbia, September 5 - 7, 2014) The Balkan Computer Congress is an international hacker conference organized by LUGoNS — Linux Users Group of Novi Sad and Wau Holland Foundation from Hamburg and Berlin. It is the second conference taking...
Detroit SecureWorld(Detroit, Michigan, USA, September 9 - 10, 2014) Two days of cyber security education and networking. Earn 12-16 CPE credits, network with industry peers, and take advantage of more than sixty educational events. Over the past decade SecureWorld has...
Ground Zero Summit, Sri Lanka(Colombo, Sri Lanka, September 9 - 10, 2014) Ground Zero Summit 2014, Colombo will be a unique gathering of Cyber Security Researchers, Hackers, CERTs, Corporates and Government officials to discuss latest hacks, exploits, research and cyber threats.
Cyber Attack Against Payment Processes Exercise 1(Online, September 9 - 10, 2014) FS-ISAC, the Financial Services Information Sharing and Analysis Center will conduct its fifth annual simulated cyber security exercise related to payment processes used by banks, community institutions,...
Suits and Spooks London(London, England, UK, September 12, 2014) On September 12th, in London's South Bank neighborhood of Southwark, approximately 50 former intelligence officials, corporate executives, and security practitioners from the U.S. and the EU will gather...
Build IT Break IT Fix IT: Fix IT(Online, September 12, 2014) The Build it Break it Fix it security contest is a new security-oriented programming contest held by the Maryland Cybersecurity Center, Cyberpoint, and Trail of Bits. The Build it Break it Fix it security...
NOPcon Security Conference(Istanbul, Turkey, September 16, 2014) NOPcon is a non-profit hacker conference. It is the only geek-friendly conference without sales pitches in Turkey. The conference aims to learn and exchange ideas and experiences between security researchers,...
5th Annual Billington Cybersecurity Summit(Washington, DC, USA, September 16, 2014) The 5th Annual Billington Cybersecurity Summit, a leading conference produced by Billington CyberSecurity, will feature an all-star cast of cybersecurity speakers including Admiral Michael Rogers, Commander,...
SINET Global Summit(London, England, UK, September 16 - 17, 2014) "Advancing Global Collaboration and Innovation." Global Summit focuses on building international public-private partnerships that will improve the protection of our respective homeland's critical infrastructures,...