An internecine Islamist information war brews in the subcontinent: al Qaeda launches an Indian branch in a bid to recover leadership from its more radical competitor ISIS.
JPMorgan internal investigations find the bank's stolen data were exfiltrated to servers in Russia. Investment analysts worry that reputational damage will spread beyond JPMorgan Chase to financial ETFs.
The officially still-potential Home Depot breach moves so close to confirmed actuality as to make no difference. The retailer's hired Symantec to mitigate whatever's potentially gone on; it's also offered customers credit protection services. Observers suspect Backoff point-of-sale malware behind the incident.
Goodwill, the eleemosynary used-article retailer, seems to have been the victim of Rawpos, a less-capable Backoff competitor.
Apple, reeling from the iCloud selfie leak, announces steps to improve its cloud's security. The unidentified hacker skates on thin ice, anonymously crowing about the months (and skillz) needed to pull off the theft — once identified, he/she/they will receive lots of police attention. Elcomsoft acknowledges that pirate versions of its password-cracking forensic tool, widely suspected in the iCloud hack, circulate in criminal markets.
In the US, Healthcare.gov acknowledges a successful hack, but says no data were lost. Observers see a configuration error at the root of the incident; some say malware was installed.
FireEye discovers an OSX version of APT backdoor XSLCmd (the work of "GREF"). Netresec finds a man-in-the-middle campaign running between Chinese universities and Google.
Congratulations to the National Cyber Security Hall of Fame class of 2014: Messrs. Bellovin, Cerf, Kocher, Clarke, and Zimmermann.
Today's issue includes events affecting Brazil, China, Colombia, Estonia, India, Iraq, Russia, Sweden, Syria, United Kingdom, United States.
Looking forward two weeks, remember that the CyberWire will be providing special coverage of the 2014 Cyber Security Summit, convening in New York on September 18. Watch for interviews and live coverage of Summit events.
Cyber Attacks, Threats, and Vulnerabilities
India on high alert as Al Qaeda launches local branch (The National) India ordered several provinces to be on increased alert on Thursday in response to Al Qaeda's launch of a new branch in the Indian subcontinent. In a video posted online, Al Qaeda leader Ayman Al Zawahri promised to spread Islamic rule and "raise the flag of jihad" across the Indian subcontinent
Al-Qaeda overshadowed by Islamic State's influence (USA TODAY) Al-Qaeda's call Thursday for a jihad (holy war) in India is the latest sign of how the terror group is battling to stay relevant in the face of the rival Islamic State's savage rampage in Iraq and Syria
Computers for Hire Send JPMorgan Data to Russia (Bloomberg) JPMorgan Chase & Co.'s own investigators have found clues that a global network of computers available for hire by sophisticated criminals was used to reroute data stolen from the bank to a major Russian city, according to people familiar with the probe
Will Cyber Attack Halt Rally in Financial ETFs? (Zacks) After a stretch of rough trading, financial stocks showed a strong run-up in their prices last month primarily fuelled by a surge in banking stocks. This is because near-record bank profits in the second quarter, solid loan growth, steadily improving credit quality, litigation settlements, and heightened M&A and IPO activities spread optimism in the broad sector
Home Depot hires Symantec, FishNet to probe data breach (AP via the San Jose Mercury News) Home Depot says it's offering free identity protection services, including credit monitoring, to those customers who might be potentially hurt by a possible data breach at the home improvement chain
Goodwill payment systems compromised (CSO) Just when you might have thought there wasn't anymore staying power in the parade of stories about point of sale systems being hacked we find that even Goodwill isn't immune
Hacker Breached HealthCare.gov Insurance Site (Wall Street Journal) A hacker broke into part of the HealthCare.gov insurance enrollment website in July and uploaded malicious software, according to federal officials. Investigators found no evidence that consumers' personal data were taken or viewed during the breach, federal officials said. The hacker appears only to have gained access to a server used to test code for HealthCare.gov, the officials said
OS X version of Windows backdoor spotted (Help Net Security) A recently discovered backdoor aimed at Mac computers is likely wielded by a long-standing APT group that has previously been known to target US defense firms and organizations, electronics and engineering companies around the world, and non-government organizations with interests in Asia, say FireEye researchers
Forced to Adapt: XSLCmd Backdoor Now on OS X (FireEye Blog) FireEye Labs recently discovered a previously unknown variant of the APT backdoor XSLCmd — OSX.XSLCmd — which is designed to compromise Apple OS X systems. This backdoor shares a significant portion of its code with the Windows-based version of the XSLCmd backdoor that has been around since at least 2009
Analysis of Chinese MITM on Google (Netresec Blog) The Chinese are running a MITM attack on SSL encrypted traffic between Chinese universities and Google. We've performed technical analysis of the attack, on request from GreatFire[dot]org, and can confirm that it is a real SSL MITM against www.google[dot]com and that it is being performed from within China
Malware Bypasses Chrome Extension Security Feature (TrendLabs Security Intelligence Blog) Originally created to extend a browser's functionality, browser extensions have become yet another tool for cybercriminals' schemes. Earlier this year, Google has addressed the issue of malicious browser extensions by enforcing a policy that only allows installations if the extensions are hosted in the Chrome Web Store
TorrentLocker now targets UK with Royal Mail phishing (We Live Security) Three weeks ago, iSIGHT Partners discovered a new Ransomware encrypting victims' documents. They dubbed this new threat TorrentLocker. TorrentLocker propagates via spam messages containing a link to a phishing page where the user is asked to download and execute "package tracking information". In August, only Australians were targeted with fake Australian Post package-tracking page
Are rogue cell towers snooping on your calls? (Tripwire: State of Security) The number of calls made from cell phones every day is absurd. Let's just say it exceeds the population of every country where residents have access to cell phones and be done with it
Security experts weigh in on mystery cell-phone towers (WND) There's been an uproar this week following a Popular Science report that revealed the existence of more than a dozen cell phone-type towers across the United States for which no owner could be located or operator identified
New Box Security Features Give Companies Far Greater Control Over Documents (TechCrunch) Box made its name being a user-focused company. Ease of use took priority over everything else, and while they've achieved a huge user base in this fashion, a big criticism of the company has been on the security side. It was never secure enough for some IT pros. A series of announcements today at the BoxWorks customer conference should go a long way towards alleviating those concerns
The Security Implications of Wearables, Part 1 (TrendLabs Security Intelligence Blog) The Internet of Everything has given rise to new gadget categories in every electronics retailer shop. Smart wearables are rapidly becoming more commonplace than you think. While not everyone has Google Glass, you can bet that a lot of people have fitness trackers and even smart watches
Growing security threats put focus on CISO role (FierceCIO) This week Home Depot became the latest in the growing list of major organizations that are the apparent targets of cybercriminals. Indeed, cybercrime seems rampant and cyberdefenses appear woefully inadequate. Both of these place greater focus on the need for chief information security officers
Bitcoin, The Cryptography-based Currency Continues To Rely On Banks For Security (Forbes) Reddit's r/bitcoin is a popular forum where BTC enthusiasts shared news links and anti-establishment jokes. The site was so influential among the community that a recent book about Bitcoin called The Anatomy of a Money-like Informational Commodity discussed the viability of using the number of registered members of the forum as a way to gauge the market sentiment
Construction of New CYBER/ISR Facility (FedBizOps) The 175th Wing, Maryland Air National Guard, located at Warfield Air National Guard Base, Baltimore, Maryland, intends to issue a Request for Proposal (RFP) to award a single firm fixed-price contract for Construction of a CYBER/ISR Facility
Twitter Taps HackerOne To Launch Its Bug Bounty Program (TechCrunch) Following security breaches that have shaken confidence in many online services, Twitter today announced the launch of its bug bounty program that will pay security researchers for responsibly reporting threats through HackerOne, a bug bounty program provider. Twitter will pay a minimum of $140 per threat reported
Cyber Security Jobs: They're Secure, They Pay Well And There's Not Much Competition Right Now (redOrbit) If you're like a lot of students who are headed to college, you have no idea what your major should be. Your parents might have some suggestions, but of course, not everyone can be a doctor or a lawyer. One career track that’s hot right now is cyber security. You should expect some rigorous training, but once you're ready, you won't have a hard time finding a job. Plus, the jobs you'll find often pay well, and they're more in demand than many other private sector jobs
Products, Services, and Solutions
For Sale Soon: The World's First Google Glass Detector (Wired) Earlier this summer, Berlin-based artist and coder Julian Oliver released Glasshole.sh, a simple and free piece of software designed to detect Google Glass and boot it from any local Wi-Fi network. That DIY idea, says Oliver, was so popular among Glass's critics that he's now offering his cyborg-foiling hack to the masses in a much more polished form: an easy-to-use commercial product selling for less than $100
Prelert Anomaly Detection Released for Big Data Analysis (Programmable Web) Prelert, the anomaly detection company, has announced the release of an Elasticsearch Connector to help developers quickly and easily deploy its machine learning-based Anomaly Detective® engine on their Elasticsearch ELK (Elasticsearch, Logstash, Kibana) stack
When Authentication Fails, Back Up With Authorization Controls (Trustifier Webworld) I had a chance to meet Brian Shields, an intrusion threat analyst, when he came to Ottawa to participate on a panel discussion of APT at a local security event. Brian had been one of the Nortel investigators quite a few years ago, when it was revealed that much of their network had been breached, supposedly by adversaries from China. The theory that stolen Nortel IP used by a competitor contributed to their demise is fairly well known. After Nortel, Brian continued to investigate network breaches. He and the panel really painted a bleak picture. None of the panelists had any real answers when asked about how to stop "APT" — targeted attacks, outside of best practices, being vigilant, and trying to detect breaches as quickly as possible to contain damage
Phishing Safety: Is HTTPS Enough? (TrendLabs Security Intelligence Blog) It was recently reported that Google would improve the search ranking of HTTPS sites in their search engine. This may encourage website owners to switch from HTTP to HTTPS. Cybercriminals are also taking part in this switch. For example, we recently spotted a case where users searching for the secure version of a gaming site were instead led to a phishing site
Network vulnerabilities IT admins can use to protect their network (Help Net Security) Being able to adapt to change is one of the most important abilities in security today, mostly because attacks to defend against are able to do the same. The sophistication of current threats is mainly seen in their skill to adjust based on the weaknesses of the environment they are targeting
5 tips for security behavior management programs (Help Net Security) Security awareness has long been a point of frustration for information security professionals. While many organizations conduct awareness training of some kind, they have struggled to develop effective training, as posters and knick-knacks urging employees to change passwords frequently have failed to improve their security behavior
UK Gov, Rolls-Royce and Teach First join forces for STEM (ComputerWeekly) The government has partnered with Rolls-Royce and Teach First to train 75 new science, technology, engineering and maths (STEM) teachers, announced by the Chancellor of the Exchequer, George Osborne, during his Great British Brands tour
Student benefits from special summer program (Southtown Star) While most college students put their studies on hold when they get a summer job, Illinois Wesleyan University student Tom Simmons was able to continue his academic pursuits and get paid this summer when he became a part of the Eckley Summer Scholar and Artist Program
Legislation, Policy, and Regulation
Holder, spy chief support Senate NSA reform bill (The Hill) Attorney General Eric Holder and Director of National Intelligence James Clapper are lending their support to the Senate's effort to rein in the National Security Agency, a boost for advocates of reform
NSA could learn from police officers' strategy (Milwaukee Journal-Sentinel) Throughout my 15 years in Wisconsin law enforcement, I've learned that the best weapon for fighting crime is good, old-fashioned investigative police work: identifying suspects, chasing down leads, collecting evidence to support those leads
Verizon to Pay Largest Ever Consumer Privacy Settlement (Threatpost) Verizon will pay the Federal Communications Commission $7.4 million as part of a settlement over the company's failure to adequately inform and obtain consent from customers before using their personal information to develop thousands of tailored marketing campaigns. Officials say this fine constitutes the largest consumer privacy settlement in FCC history
Target says banks can't sue over massive data breach (FierceITSecurity) Target wants a Minnesota federal judge to throw out a consolidated class action lawsuit brought by banks over the retailer's massive data breach. Target argues that the bank plaintiffs cannot sue for negligence because they do not have a direct relationship with Target
Celebrity Hacker Could Face Lengthy Prison Sentence If Caught (National Cybersecurity) The person who leaked naked photos of about 100 female celebrities this past weekend, including the actress Jennifer Lawrence and the model Kate Upton, could face an array of criminal charges and dozens of years in prison if caught
Nude celeb selfies doxing prompts 4chan to change policy (Naked Security) 4chan, the slap-happy imageboard that's spawned or popularized internet memes such as Rickrolling and lolcats and more recently served as a launchpad for the doxing of 100 celebrities' nude selfies, has decided to revise its policies to deal with similar foul-ups
Coalition Asks Spying's Effect On Journalism (NetNewsCheck) The Reporters Committee for Freedom of the Press and a coalition of 24 news organizations have asked the Privacy and Civil Liberties Oversight Board to investigate whether national security surveillance programs are compromising journalists' attempts at newsgathering
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Security B-Sides Cape Breton (Sydney, Nova Scotia, Canada, September 5, 2014) Security B-Sides Cape Breton is an open platform that gives security experts, enthusiasts, and industry professionals the opportunity to share ideas, insights, and develop longstanding relationships with...
BalCCon2k14 (Balkan Computer Congress) (Novi Sad, Serbia, September 5 - 7, 2014) The Balkan Computer Congress is an international hacker conference organized by LUGoNS — Linux Users Group of Novi Sad and Wau Holland Foundation from Hamburg and Berlin. It is the second conference taking...
Detroit SecureWorld (Detroit, Michigan, USA, September 9 - 10, 2014) Two days of cyber security education and networking. Earn 12-16 CPE credits, network with industry peers, and take advantage of more than sixty educational events. Over the past decade SecureWorld has...
Ground Zero Summit, Sri Lanka (Colombo, Sri Lanka, September 9 - 10, 2014) Ground Zero Summit 2014, Colombo will be a unique gathering of Cyber Security Researchers, Hackers, CERTs, Corporates and Government officials to discuss latest hacks, exploits, research and cyber threats.
Cyber Attack Against Payment Processes Exercise 1 (Online, September 9 - 10, 2014) FS-ISAC, the Financial Services Information Sharing and Analysis Center will conduct its fifth annual simulated cyber security exercise related to payment processes used by banks, community institutions,...
Suits and Spooks London (London, England, UK, September 12, 2014) On September 12th, in London's South Bank neighborhood of Southwark, approximately 50 former intelligence officials, corporate executives, and security practitioners from the U.S. and the EU will gather...
Build IT Break IT Fix IT: Fix IT (Online, September 12, 2014) The Build it Break it Fix it security contest is a new security-oriented programming contest held by the Maryland Cybersecurity Center, Cyberpoint, and Trail of Bits. The Build it Break it Fix it security...
NOPcon Security Conference (Istanbul, Turkey, September 16, 2014) NOPcon is a non-profit hacker conference. It is the only geek-friendly conference without sales pitches in Turkey. The conference aims to learn and exchange ideas and experiences between security researchers,...
5th Annual Billington Cybersecurity Summit (Washington, DC, USA, September 16, 2014) The 5th Annual Billington Cybersecurity Summit, a leading conference produced by Billington CyberSecurity, will feature an all-star cast of cybersecurity speakers including Admiral Michael Rogers, Commander,...
SINET Global Summit (London, England, UK, September 16 - 17, 2014) "Advancing Global Collaboration and Innovation." Global Summit focuses on building international public-private partnerships that will improve the protection of our respective homeland's critical infrastructures,...
Cyber Attack Against Payment Processes Exercise 2 (Online, September 16 - 17, 2014) FS-ISAC, the Financial Services Information Sharing and Analysis Center will conduct its fifth annual simulated cyber security exercise related to payment processes used by banks, community institutions,...
Global Identity Summit (Tampa, Florida, USA, September 16 - 18, 2014) The Global Identity Summit is focused on identity management solutions for corporate, defense and homeland security communities. This conference and associated exhibition bring together a distinctive,...