Social media prove well adapted for command and control of increasingly decentralized (yet coordinated) terrorist groups like IS, which the chief of the Dutch intelligence service likens to a "swarm." (Twitter in particular is rapidly gaining users among IS recruiting pools.) The Arab League votes to take "urgent measures" against "extremists." The declaration is short on specifics, but one would expect such measures to include information operations.
Informed observers speculate that the Spark-enabled denial-of-service campaign that peaked over the weekend was reprisal for Eastern European countries' and international banks' participation in sanctions against Russia. Its bots were gathered by phishing New Zealanders with promises of leaked celebrity pictures.
Home Depot acknowledges, finally and after investigation, that it was breached. Observers' consensus is that BlackPOS malware was used. A wave of debit card fraud may have originated in the breach — banks are noticing fraudulent attempts to reset PINs, and the crooks appear to have card expiration dates, as well as card owners' dates of birth and the last four digits of their social security numbers. Stores in the US and Canada were affected, but online purchasing and stores in Mexico appear to have escaped.
Salesforce warns its users to beware the Dyreza banking Trojan's attentions.
The "Kyle and Stan" malvertising network is enjoying unwelcome success.
Ransomware watchers report a surge in Kovter screenlocker infections.
NATO's Wales Summit concluded with some frank talk for Russia.
Observers think the FBI was more active against Silk Road (and TOR?) than the Bureau's account suggests.
Today's issue includes events affecting Australia, Canada, Czech Republic, European Union, Mexico, Netherlands, New Zealand, Russia, Slovakia, United Kingdom, United States.
The CyberWire will be providing special coverage of the 2014 Cyber Security Summit, convening in New York on September 18. Watch for interviews and live coverage of Summit events. We also plan to cover the 5th Annual Billington Cybersecurity Summit in Washington, DC, on September 16, which promises an interesting set of speakers and sessions.
Cyber Attacks, Threats, and Vulnerabilities
Dutch spy chief: Social media fueling terror "swarm"(CBS News) Terrorists have changed their management style, and it's making them harder to fight, a top European intelligence official told CBS News. Decisions once left to a top-down hierarchy are now made by the collective "swarm," a shift he said has been fueled by social media
Social Media's Very Arab Future(Defense One) The future of Twitter, YouTube and a variety of other social networks is going to look and sound a lot more Arabic in the years ahead, at least according to data on Twitter usage across the Arabic-speaking world. And if current trends continue, the emerging Arabic social media landscape will also be a lot more anti-American
Kiwis caught out by cyber attacks(3News) Kiwi customers of communications giant Spark have been unwittingly caught up in a cyber attack on Eastern European websites — possibly by clicking on a link promising pictures of naked celebrities
Russian cyber war linked to Spark crash(Stuff) Spark's big internet crash at the weekend was not about naked celebrities but linked to Russia's cyberwar on Ukraine and Western powers' sanctions on Moscow, security sources say
Home Depot Confirms Payment Card Data Breach(SecurityWeek) After days of speculation, Home Depot has confirmed it was victimized in data breach that compromised credit and debit cards at stores throughout the United States and Canada
These are the websites where hackers flip stolen credit card data after an attack(Quartz) The Home Depot data breach uncovered last week may be one of the largest cases of mass credit-card compromise ever. Data from every card used in a transaction at any US Home Depot store since late April or early May could be in the hands of hackers, who infiltrated company systems using malware similar to what was used in a 40 million-card theft from Target in December. The number of cards stolen from Home Depot is not known, but might exceed the Target total
In Wake of Confirmed Breach at Home Depot, Banks See Spike in PIN Debit Card Fraud(Krebs on Security) Nearly a week after this blog first reported signs that Home Depot was battling a major security incident, the company has acknowledged that it suffered a credit and debit card breach involving its U.S. and Canadian stores dating back to April 2014. Home Depot was quick to assure customers and banks that no debit card PIN data was compromised in the break-in. Nevertheless, multiple financial institutions contacted by this publication are reporting a steep increase over the past few days in fraudulent ATM withdrawals on customer accounts
Here We Go Again: From Target to Home Depot(Cyactive Blog) PoS malware keeps on compromising new retail targets. This time a BlackPoS variant stole troves of credit card information from the Home Depot retail chain stores
No End In Sight For Ransomware(Dark Reading) The screenlocker Kovter, in particular, has shown sharp growth this year. It masquerades as a law enforcement authority and threatens police action if users don't pay up
California State University Reports Data Breach(Hacksurfer) California State University is notifying 6,036 individuals, mostly faculty and staff, of a data breach that occurred on August 23rd and has possibly compromised personal information including Social Security numbers
Google will start gradually sunsetting SHA-1(Help Net Security) Google has announced that it will begin the process of gradually sunsetting SHA-1 (as used in certificate signatures for HTTPS) with Chrome 39, which is due to be released in November
Exploit Kits: Cybercrime's Growth Industry(ThreatTrack Security) Cybercriminals have turned their attention away from exploiting Windows operating systems to pursuing the popular third-party applications installed on nearly every PC around the world. That is why patch management has become a critical layer in your malware defense
The Security Implications of Wearables, Part 3(TrendLabs Security Intelligence Blog) In the second post of this series, we discussed the first two types of attacks involving wearables. We will now proceed to the third type of attack, which can be considered the most damaging of the three
Where the Legal and Compliance Functions Intersect(Corporate Counsel) If your company has an in-house compliance function, where does it live? In about 40 percent of companies polled for a recent survey, the legal department owned compliance, while in another 24 percent the in-house lawyers shared the compliance responsibility
Managed Security Services: an internal issue with external consequences(IT Pro Portal) Managed Security Services (MSS) first rose to fame at the beginning of the 21st century with the promise of a flexible and personalised infrastructure, delivered with unparalleled expertise and knowledge. However, it has only been in the last couple of years that MSS has gotten the traction and attention it deserves as a service
Top Six IT Trends Impacting Business Networks(CircleID) For decades, IT followed business. Even the development of the World Wide Web didn't move this development much beyond the four walls of corporate offices — outside connections were essential but never informed the growth of business-critical technology
SMEs face increased risk of cyber attack(Cheddar Valley Gazette) Small and medium sized businesses can face costs of up to £65,000 as the result of a severe information security breach, according to the most recent Information Security Breaches Survey by the Department for Business, Innovation and Skills
Analysis: More Gaps Found In US Contracts Website(Defense News) Scathing as it was, the Government Accountability Office's (GAO's) recent report on the gaps and deficiencies of USAspending.gov left out a few things — problems that may give defense companies pause about relying too much on the government transparency website for business intelligence
Trustwave Opens a New Lab for 'Ethical Hacking'(TopTechNews) While the unethical hackers of the world look for security Relevant Products/Services vulnerabilities in everything from routers to PIN-pads, the ethical hackers at Trustwave try to beat them to the punch. The cyber-security firm officially opened its ethical hacking lab this summer at its Chicago headquarters
Is FireEye A Good Investment?(Seeking Alpha) The expansion strategy of the company will allow it to diversify its revenue base and grow its margins over the next few years
ISACA launches COBIT 5 online(Help Net Security) ISACA launched the online version of COBIT 5, a resource center to improve governance and management of enterprise IT. The new online platform helps increase the utility of the COBIT 5 framework, a business framework that helps manage information and technology risk, and the COBIT family of products
"Google Dorking" — Waking Up Web Admins Everywhere(TrendLabs Security Intelligence Blog) Last July, the US Department of Homeland Security warned of a new kind of criminal attack: "Google dorking". This refers to asking Google for things they have found via special search operators. Let's look closely and see what this is
Simulators Solving Cyber Training Challenges(Defense News) Soldiers on the battlefield, with bombs exploding nearby and rifle fire coming from somewhere in the middle distance, are in no position to learn how to use the computing and communications systems that their lives might depend on. The time for training — thoroughly — is long before their boots hit the dirt
Cyber attack simulation key to get top management buy-in(ComputerWeekly) Investment by top management is cyber security is vital, and plunging them into the middle of a cyber attack is the best way to get their attention, says Marco Gercke, director for the Cybercrime Research Institute
Crowdsourceing Competitions Encourage Malicious Behavior, Study Finds(Nextgov) Crowdsourcing competitions have fundamentally changed the way idea-sharing takes place online. Famous contests such as the 2012 Coca-Cola crowdsourced campaign for a new logo and Chicago History Museum's crowdsourced project for a new exhibit last year have created buzz around the practice
4 Good Digital Habits for a New School Year(Trend Micro Internet Safety for Kids and Families) As you make the transition from the leisurely pace of summer to the stressful balancing act of earlier bedtimes, new homework routines, and after-school activities, try to factor in how your kids' use of technology will change with it
Legislation, Policy, and Regulation
Wales Summit Declaration(NATO/OTAN) Issued by the Heads of State and Government participating in the meeting of the North Atlantic Council in Wales
Brushing Off Threats, E.U. Votes to Toughen Its Sanctions on Russia(New York Times) Unswayed by threats of retaliation from Moscow, including a possible ban on airlines from Europe flying over Russia, European leaders on Monday endorsed an expansion of economic sanctions against Russia, but backed off putting the new measures into effect immediately
Arab League issues proclamation on ISIS(CBS News) The Arab League agreed Monday to take urgent measures to combat extremists like the Islamic State of Iraq and Syria as one of its suicide bombers killed 16 people at a meeting of Sunni tribal fighters and security troops in Iraq
US Appeals Court hears arguments for shutting down NSA database and domestic surveillance(FierceBigData) Last week, a panel of three judges on the U.S. Court of Appeals for the 2nd Circuit heard arguments on the ACLU v. Clapper lawsuit against the U.S. government's domestic mass surveillance activities. This is the second of two such lawsuits filed against the government. The ACLU argues the surveillance violates the 4th Amendment while the federal government argued that the Patriot Act renders such activities lawful
Security Clearance Contractor USIS Rebuffs Edward Snowden Attack (and More)(Roll Call) USIS, the biggest federal contractor for background checks for security clearances, had to be happy to get a U.S. Citizenship and Immigration Services contract worth $190 million recently, because the company had been on a bad news streak. All the contract seemed to do, though, was give ammunition to its critics — including a chorus of them from Capitol Hill — prompting USIS to issue a "myth vs. fact" declaration Monday
Data breach letters offer free credit monitoring(KOMO News) If you get a letter talking about "credit monitoring," don't throw it away. It's an effort to fight back against a cyber attack aimed at health care facilities. The letters are just hitting the mail, and because of they way they're written, some people are suspicious
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Detroit SecureWorld(Detroit, Michigan, USA, September 9 - 10, 2014) Two days of cyber security education and networking. Earn 12-16 CPE credits, network with industry peers, and take advantage of more than sixty educational events. Over the past decade SecureWorld has...
Ground Zero Summit, Sri Lanka(Colombo, Sri Lanka, September 9 - 10, 2014) Ground Zero Summit 2014, Colombo will be a unique gathering of Cyber Security Researchers, Hackers, CERTs, Corporates and Government officials to discuss latest hacks, exploits, research and cyber threats.
Cyber Attack Against Payment Processes Exercise 1(Online, September 9 - 10, 2014) FS-ISAC, the Financial Services Information Sharing and Analysis Center will conduct its fifth annual simulated cyber security exercise related to payment processes used by banks, community institutions,...
Suits and Spooks London(London, England, UK, September 12, 2014) On September 12th, in London's South bank neighborhood of Southwork, approximately 50 former intelligence officials, corporate executives, and security practitioners from the U.S. and the EU will gather...
Build IT Break IT Fix IT: Fix IT(Online, September 12, 2014) The Build it Break it Fix it security contest is a new security-oriented programming contest held by the Maryland Cybersecurity Center, Cyberpoint, and Trail of Bits. The Build it Break it Fix it security...
NOPcon Security Conference(Istanbul, Turkey, September 16, 2014) NOPcon is a non-profit hacker conference. It is the only geek-friendly conference without sales pitches in Turkey. The conference aims to learn and exchange ideas and experiences between security researchers,...
5th Annual Billington Cybersecurity Summit(Washington, DC, USA, September 16, 2014) The 5th Annual Billington Cybersecurity Summit, a leading conference produced by Billington CyberSecurity, will feature an all-star cast of cybersecurity speakers including Admiral Michael Rogers, Commander,...
SINET Global Summit(London, England, UK, September 16 - 17, 2014) "Advancing Global Collaboration and Innovation." Global Summit focuses on building international public-private partnerships that will improve the protection of our respective homeland's critical infrastructures,...
Cyber Attack Against Payment Processes Exercise 2(Online, September 16 - 17, 2014) FS-ISAC, the Financial Services Information Sharing and Analysis Center will conduct its fifth annual simulated cyber security exercise related to payment processes used by banks, community institutions,...
Global Identity Summit(Tampa, Florida, USA, September 16 - 18, 2014) The Global Identity Summit is focused on identity management solutions for corporate, defense and homeland security communities. This conference and associated exhibition bring together a distinctive,...
Fraud Summit Toronto(Toronto, Ontario, Canada, September 17, 2014) From account takeover to payment card fraud and the emerging mobile threatscape, the ISMG Fraud Summit series is where thought-leaders meet to exchange insights on today's top schemes and the technology...
CSA Congress 2014 & IAPP Privacy Academy 2014(San Jose, California, USA, September 17 - 19, 2014) This year, the CSA and the International Association of Privacy Professionals (IAPP) are combining their Congress US and Privacy Academy events into a conference in the heart of Silicon Valley. This conference...
ICS-ISAC Fall Conference(Atlanta, Georgia, USA, September 17 - 20, 2014) Cybersecurity issues — such as the DHS release of Operation Aurora information; legislation like CISA (S. 2588), CIRDA (H.R. 2952) & H.R. 3696; and the NIST Cybersecurity Framework — can leave...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.