The Islamic State draws hacktivist attacks, so its gruesome propaganda is, at least in some circles, proving self-defeating. The US Treasury Department is also working to choke off the IS financial windpipe. (Treasury involvement suggests cyber law enforcement as part of the effort.)
Israeli security firm ClearSky finds the Gholee Trojan dropper in pro-Palestinian malware spread with Gaza phishbait. Gholee's structure and sophistication, ClearSky argues, indicate Iranian involvement in the cyber campaign.
Researchers at the University of New Haven report data leaks in many popular Android personal messaging apps.
Investigators continue to debate (metaphysically, in some respects) whether Home Depot's breach was accomplished by the same BlackPOS malware responsible for Target's. Observers note, sympathetically, how difficult retailers find it to prevent or mitigate such attacks. Banks are often the first to notice, and, while threat sharing is improving, it remains slower than all would like.
Cyber criminals are exploiting iCloud security worries in phishing campaigns that seek login credentials. Wired reports that crime may have indirectly paid for Reddit (which itself is not accused of any crime): the magazine thinks Reddit made enough from celebrity picture views to run its servers for a month.
Heartbleed, still imperfectly patched, seems not to have been exploited before its disclosure. Thus concludes a consortium of university researchers, whose findings would tend to exonerate NSA and GCHQ of accusations that they kept the vulnerability quiet with a view to using it themselves.
Microsoft and Adobe get their Patch Tuesday reviews.
Apple Pay is cautiously received.
Today's issue includes events affecting Australia, Estonia, European Union, India, Iran, Israel, New Zealand, Palestinian Territories, Russia, Ukraine, United Kingdom, United States.
The CyberWire will be providing special coverage of the 2014 Cyber Security Summit, convening in New York on September 18. Watch for interviews and live coverage of Summit events. We also plan to cover the 5th Annual Billington Cybersecurity Summit in Washington, DC, on September 16, which promises an interesting set of speakers and sessions.
25 varieties of malware aimed at Mac OS X this year (Trusted Reviews) Apple's computers have traditionally been less plagued by malware than PCs, but now a security firm has warned that hackers are taking aim at the Cupertino company's computers with 25 varieties of malware
For $390 you can buy an illegal Harvard email account on China's biggest online marketplace (Quartz) A gas can full of snake bile, breast-milk soap, the head of Tom Cruise — those are just some of the odd things you can buy on Alibaba's Taobao, China's biggest consumer-to-consumer online marketplace. Add to that fake or stolen university email addresses. In an investigation last week, IT security company Palo Alto Networks found email accounts from 42 universities for sale on Taobao, ranging from 0.98 yuan to 2,400 yuan ($0.16 to $390)
Research finds no large scale Heartbleed exploit attempts before vulnerability disclosure (Threatpost) In the days and weeks following the public disclosure of the OpenSSL Heartbleed vulnerability in April, security researchers and others wondered aloud whether there were some organizations — perhaps the NSA — that had known about the bug for some time and had been using it for targeted attacks. A definitive answer to that question may never come, but traffic data collected by researchers on several large networks shows no exploit attempts in the months leading up to the public disclosure
EMET, AV Disclosure Leak Plugged in IE (Threatpost) The Operation SnowMan espionage campaign, which targeted military intelligence earlier this year via an Internet Explorer zero day, exposed a weak spot in Microsoft's vulnerability management efforts. What was unique about the SnowMan operation is that it included a check as to whether the compromised computer was running Microsoft's Enhanced Mitigation Experience Toolkit (EMET), and if so, the attack would not execute
Banks Reacting Faster to Card Breaches (BankInfoSecurity) Post-breach fraud window closing, but problems persist. Suspicions about a possible data breach at Home Depot arose, as in past breaches, after a big batch of stolen payment cards surfaced on an underground marketplace, selling for about $50 each
Officials worry about 'cyber Fort Hood' (Politico) An official says a 'self-radicalized insider' in IT could cause significant harm. The most dangerous cybersecurity threat facing U.S. military and intelligence agencies might not be another Edward Snowden aiming to steal secrets, but rather a rogue IT administrator bent on destruction of critical infrastructure, a senior Intelligence official told POLITICO
Is International Hacking an Act of War? (Willis Wire) Historians will tell you that, despite the bloodshed in the Middle East and Africa, we are currently in one of the most peaceful periods in human existence. However, this era of ostensible peace has us wondering what future war will look like. Recent events may have answered that question. American financial institutions, however, may not like the answer
Is Apple endangering privacy to cut costs? (FierceITSecurity) As Apple prepares to launch two iPhone 6 versions and a rumored iWatch, some are questioning whether Cupertino's reputation for iron-clad security is deserved
Watchful Software Closes Expansion Capital Round to Fuel Continued Growth (Bloomberg BusinessWeek) Watchful Software, a leading provider of data-centric information security solutions, announced today that it has received an equity investment from Hudson Fairfax Group, LP, a strategic investment firm with offices in New York, Washington, DC, and London specializing in business development, sales acceleration, and financial management of high growth companies in the cybersecurity sector
CyberArk Advances Threat Analytics to Identify New Types of Malicious Privileged Behavior Across Systems and Users (Broadway World) CyberArk, the company securing the heart of the enterprise, today announced CyberArk Privileged Threat Analytics 2.0, an expert system for privileged account security intelligence. The expanded analytics includes new self-learning, behavior-based algorithms, enabling customers to detect attacks faster by pinpointing malicious privileged account activity previously hidden in the sheer volume of information collected by big data analytics solutions
FireEye Inc. (NASDAQ:FEYE) Revenues to be stretched with the Acquisition of Mandiant (BasicsMedia) FireEye Inc. (NASDAQ:FEYE) was surging on Monday trading session after its stock was upgraded by UBS AG (NYSE:UBS), from a 'Hold' rating, to a 'Buy.' In an interview on CNBC UBS Managing Director, Brent Thill, argued that the upgrade came at the back of the ongoing growth being experienced on the cyber solutions landscape
Federal agency to end contracts of background-check contractor USIS (AP via Stars and Stripes) The federal Office of Personnel Management plans to terminate its massive contracts with USIS, the major security clearance contractor that was targeted last month by a cyberattack, several officials said Tuesday. The computer network intrusion compromised the personal files of as many as 25,000 government workers
RSA Turns the Table on Cyber Attackers (MarketWatch) New RSA® Advanced Security Operation Center Solution arms security teams with new tools to help identify undetected threats that often result in data breaches
Gemalto Unveils Mobile Payments Security Hub (Light Reading) Gemalto (Euronext NL0000400653 GTO), the world leader in digital security, today introduces its Allynis Trusted Services Hub, a turnkey business service that enables financial institutions, enterprises, transport operators and more generally all digital service providers to benefit from a single connection in order to securely deploy their value-added and mobile payment services across a comprehensive portfolio of smartphones and mobile networks around the world
Porticor, nScaled Combine DRaaS and Encryption (Channelnomics) Customers wary of ascending to the cloud because of security and business continuity concerns: Take heart — vendors appear to be working overtime to put out solutions aimed at assuaging your fears
Juniper expands threat intelligence for more effective network defense (CSO) You may have heard that two heads are better than one — the basic premise being that different perspectives bring more to the table and enable the combined team to make better, more effective decisions. The same thing is true when it comes to threat intelligence and network security, which is why Juniper Networks is expanding the capabilities of its Spotlight Secure platform
Cyber Threat Intelligence Feeds (The Cyber Threat) The discipline of cyber threat intelligence focuses on providing actionable information on adversaries. This information is becoming increasingly important to enterprise cyber defense. This importance has resulted in investment and creation of many new/innovative sources of information on threat actors. This brings challenges of its own. How do you know which source to turn to for what reason? And at an even higher level, how do you know which sources to even consider?
Technologies, Techniques, and Standards
ONC drops 2015 'voluntary' EHR certification criteria, revises 2014 edition (FierceEMR) The Office of the National Coordinator for Health IT has issued a new final rule that makes the 2014 edition of certification criteria more flexible and folds in some of the criteria that had been proposed in its 2015 voluntary edition of electronic health record certification criteria, which the agency has opted to abandon
Have Microsoft's Update Problems Changed Your Patching Policies? (Windows IT Pro) At one time or another, we've all experienced the pains of patching Microsoft products. It sometimes seems to be a never ending battle to test, test, test again, roll out updates and still be nipped in the butt. And, even though it can't be helped, it's the IT Pros that get blamed and heaped on the responsibility of fixing blue screens and hardware and application problems brought on by poorly designed updates
Cyber-Target Categorization (Science 2.0) The purpose of this article is to present a framework and a method for cyber-target categorization. The framework contains factors which influence the cyber targeting process, and the presented categorization method provides an example of how cyber-targets could be categorized to support targeting decision making
How a large ISP fights DDoS attacks with a custom solution (Help Net Security) DDoS attacks are a growing problem. In July, Arbor Networks released global DDoS attack data derived from its ATLAS threat monitoring infrastructure that shows a surge in volumetric attacks in the first half of 2014 with over 100 attacks larger than 100GB/sec reported
How to Protect Yourself From Big Bank-Card Hacks (Wired) With hackers stealing millions of credit and debit card numbers with seeming impunity from Target, Home Depot, and other retailers lately, it might seem as if there's nothing the average consumer can do to protect themselves
How a DNS Sinkhole Can Protect Against Malware (Infosec Institute) The Domain Name Service (DNS) is an integral part of Internet access. It translates human-recognized domain names into computer-readable IP addresses in order to facilitate online communication and connection between devices
How to Use the Information-Seeking Mantra in Cyber Intelligence Dashboards (Recorded Future) In the previous post, we got a glimpse of two important contributions of Edward Tufte to the field of data visualization: chartjunk and sparkline charts. Today, we'll be looking at another data visualization guru whose work can have a profound impact on your cyber intelligence project. We'll be discussing Ben Shneiderman's information-seeking mantra
The 21 most common misconfigurations that will come back to haunt you! (GFI Blog) Have you ever heard the phrase "if it ain't broke, don't fix it"? If you have, then you know sometimes it is best just to leave it alone. But no sysadmin worth their Ethernet cable can resist poking at new things in an attempt to figure out how they work. It is how we all got to the level we are now, and how we will advance to the next level. Sometimes, however, poking at things with a sharp stick can get us into trouble, and this list describes the 21 most common misconfigurations that will come back to haunt you, because poking at things randomly means trouble if you don't pay attention to the outcome!
Building Trojan Hardware at Home (Ethical Hacking) Malware, viruses and Trojan horses can destroy your computer and network; most of the time they are software based, but have you ever imagined that a hardware based trojan might also destroy or simply steal private information from your computer; consider a recent celebrity hack
DARPA is after vulnerabilities in algorithms implemented in software (Help Net Security) The Defense Advanced Research Projects Agency (DARPA) is looking for new program analysis techniques and tools to enable analysts to identify vulnerabilities in algorithms implemented in software used by the US government, military, and economic entities, and has announced it will be accepting research proposals on the subject until October 28
There aren't enough teachers with coding skills (Marketplace) The looming shortage of coders and programmers in the tech industry has been well-documented. There are about a million (er, give or take) digital job openings predicted in the next decade, which has some schools mandating coding class. But where are the teachers?
Naval Academy works on accrediting cybersecurity major (AP via Stars and Stripes) A U.S. Naval Academy dean says he's hoping to have cybersecurity accredited as a major by 2016. No U.S. school currently has a cybersecurity degree accredited by a leading organization, and the academy hopes to be among the first
National Security Institute to open on Computer Science Technology Day (Statesman) Stony Brook University is starting a National Security Institute on campus as a result of grants from the NYSUNY 2020 vision plan. The university plans to hire six tenure-track faculty members for the cybersecurity-focused institute during the next few years, according to the university's website
The Senate must act to protect Americans from cyber crime (The Hill) Cyber criminals stealing private celebrity photos is just the tip of the iceberg. On a daily basis, hackers threaten to devastate our nation's economy and security. But Senate Democrats don't seem to understand the magnitude of the problem. For more than a year, the Senate has refused to consider common-sense cybersecurity legislation passed by the House of Representatives with strong bipartisan support. Meanwhile, the threat is growing
How Wednesday's 'Internet Slowdown' is supposed to work (Washington Post) Wednesday, forces aligned in favor of stronger net neutrality rules will rally under the banner of Internet Slowdown Day, the latest push to funnel the public's attention to the Federal Communication Commission's on-going rulemaking on open Internet principles and practices
The Positive Side of Cyber (SIGNAL) All too often, the topic of cyber presents a negative view of vulnerabilities and attacks, but cyber has a positive role to play in national defense, said Lt. Gen. Edward Cardon, USA, commanding general, U.S. Army Cyber Command
AFP to embark on international placements in cybercrime fight (ZDNet) The Australian Federal Police is about to embark on a number of strategic placements within international crime fighting agencies, in a bid to take its fight against cybercrime offshore, according to its head of Cyber Crime Operations, Glen McEwan
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
Hill AFB Technology & Cyber Security Day (Hill Air Force Base, October 8, 2014) The Armed Forces Communications & Electronics Association (AFCEA) Wasatch Chapter will once again host the 5th Annual Information Technology & Cyber Security Day at Hill AFB. This annual event is an excellent...
Detroit SecureWorld (Detroit, Michigan, USA, September 9 - 10, 2014) Two days of cyber security education and networking. Earn 12-16 CPE credits, network with industry peers, and take advantage of more than sixty educational events. Over the past decade SecureWorld has...
Ground Zero Summit, Sri Lanka (Colombo, Sri Lanka, September 9 - 10, 2014) Ground Zero Summit 2014, Colombo will be a unique gathering of Cyber Security Researchers, Hackers, CERTs, Corporates and Government officials to discuss latest hacks, exploits, research and cyber threats.
Cyber Attack Against Payment Processes Exercise 1 (Online, September 9 - 10, 2014) FS-ISAC, the Financial Services Information Sharing and Analysis Center will conduct its fifth annual simulated cyber security exercise related to payment processes used by banks, community institutions,...
Suits and Spooks London (London, England, UK, September 12, 2014) On September 12th, in London's South Bank neighborhood of Southwark, approximately 50 former intelligence officials, corporate executives, and security practitioners from the U.S. and the EU will gather...
Build IT Break IT Fix IT: Fix IT (Online, September 12, 2014) The Build it Break it Fix it security contest is a new security-oriented programming contest held by the Maryland Cybersecurity Center, Cyberpoint, and Trail of Bits. The Build it Break it Fix it security...
NOPcon Security Conference (Istanbul, Turkey, September 16, 2014) NOPcon is a non-profit hacker conference. It is the only geek-friendly conference without sales pitches in Turkey. The conference aims to learn and exchange ideas and experiences between security researchers,...
5th Annual Billington Cybersecurity Summit (Washington, DC, USA, September 16, 2014) The 5th Annual Billington Cybersecurity Summit, a leading conference produced by Billington CyberSecurity, will feature an all-star cast of cybersecurity speakers including Admiral Michael Rogers, Commander,...
SINET Global Summit (London, England, UK, September 16 - 17, 2014) "Advancing Global Collaboration and Innovation." Global Summit focuses on building international public-private partnerships that will improve the protection of our respective homeland's critical infrastructures,...
Cyber Attack Against Payment Processes Exercise 2 (Online, September 16 - 17, 2014) FS-ISAC, the Financial Services Information Sharing and Analysis Center will conduct its fifth annual simulated cyber security exercise related to payment processes used by banks, community institutions,...
Global Identity Summit (Tampa, Florida, USA, September 16 - 18, 2014) The Global Identity Summit is focused on identity management solutions for corporate, defense and homeland security communities. This conference and associated exhibition bring together a distinctive,...
Fraud Summit Toronto (Toronto, Ontario, Canada, September 17, 2014) From account takeover to payment card fraud and the emerging mobile threatscape, the ISMG Fraud Summit series is where thought-leaders meet to exchange insights on today's top schemes and the technology...
CSA Congress 2014 & IAPP Privacy Academy 2014 (San Jose, California, USA, September 17 - 19, 2014) This year, the CSA and the International Association of Privacy Professionals (IAPP) are combining their Congress US and Privacy Academy events into a conference in the heart of Silicon Valley. This conference...