
Daily briefing.

Researchers report that LinkedIn may be exposing user emails.

Freenode warns users it's been breached, and advises them to change their passwords.

An SNMP-based denial-of-service attack is reported to be spoofing Google DNS servers. Mitigation appears, so far, to be largely successful.

Online fraud exacts an increasing cost from retailers, many of whom are, observers assert, rendered vulnerable by their inadequate network security measures.

Brookings publishes a study on "our cyborg future." The breathlessly stated topic suggests the legal complexities surrounding not only implanted networked devices, but also such increasingly ubiquitous personal tools as fitness trackers and smart phones. Not all such devices, the study argues, will be treated the same way by legal systems.

In industry news, SC Magazine looks at the effect Snowden's leaks have had on both the cyber sector and the criminal black market (from a market point-of-view, the effect in both places has been largely bullish).

Apple hangs tough on its approach to data security. Cisco looks at railways and sees a market for Internet-of-things services and security. Comcast denies (with justice, thinks Ars Technica) rumors that it's shutting down Tor users.

NIST issues a draft instruction covering the security of "reproduction devices" — printers, copiers, and the like.

A Russian official frames the content of Russian information operations in the Baltic: Ukraine provides the template.

The latest Snowden leaks prompt calls from German companies for more national control over cloud services. They also prompt reflections on how agencies might direct whistleblowing into less destructive channels.

Notes.

Today's issue includes events affecting Estonia, European Union, Latvia, Lithuania, Nigeria, Russia, Ukraine, United States.

The CyberWire will also provide special coverage of the 2014 Cyber Security Summit, convening in New York on September 18.

Cyber Attacks, Threats, and Vulnerabilities

LinkedIn Feature Exposes Email Addresses (Krebs on Security) One of the risks of using social media networks is having information you intend to share with only a handful of friends be made available to everyone. Sometimes that over-sharing happens because friends betray your trust, but more worrisome are the cases in which a social media platform itself exposes your data in the name of marketing

Here's What Hackers Can Do With Your CRM Data (Forbes) It is clear why malware writers target such retailers as Home Depot and Target. It is obvious, if not pathetic, why hackers break into the cloud to find and publish private nude photos of celebrities

Freenode suffers breach, asks users to change their passwords (Help Net Security) Popular IRC network Freenode has suffered a security breach and is asking users to change their passwords, as they might have been compromised

SNMP-Based DDoS Attack Spoofs Google Public DNS Server (Threatpost) The SANS Internet Storm Center this afternoon reported SNMP scans spoofed from Google's public recursive DNS server seeking to overwhelm vulnerable routers and other devices that support the protocol with DDoS traffic

Google Apps scripts can be easily misused by scammers (Help Net Security) Andrew Cantino, VP of Engineering at Mavenlink but also a bug hunter in his free time, has discovered that Google Apps Scripts can be misused by attackers to access users' email and other information

Flaw in Android Browser Allows Same Origin Policy Bypass (Threatpost) There's a serious vulnerability in pre-4.4 versions of Android that allows an attacker to read the contents of other tabs in a browser when a user visits a page the attacker controls. The flaw is present in a huge percentage of the Android devices in use right now, and there's now a Metasploit module available to exploit the vulnerability

Worm Illuminates Potential NAS Nightmare (Dark Reading) A researcher at Black Hat Europe hopes to demonstrate a homegrown, self-replicating worm to illustrate major threats to popular network-attached storage systems

DNS cache poisoning attacks to steal emails are reality (Security Affairs) CERT warns that DNS Cache Poisoning attacks could be used also to hijack email to a rogue server and not only to divert the Internet traffic

Bulletin (SB14-258) Vulnerability Summary for the Week of September 8, 2014 (US-CERT) The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information

Cyber Trends

Why retailers like Home Depot get hacked (CSO) Retailers like Home Depot, which recently suffered a major data breach, have known for years about vulnerabilities in payment systems, but have chosen to ignore them, experts say

Retailers grappling with higher costs of fraud, survey shows (FierceCFO) Mobile commerce seen as thorniest problem for retailers dealing with a big spike in fraud

2 stores, 100M hacks. Where's cybersecurity? Our view (USA Today) Consumers deserve better from U.S. companies than excuses

5 Myths: Why We Are All Data Security Risks (Dark Reading) I am absolutely sure that I could be tricked by a well-crafted spear phishing attack, and I am equally sure I could do the same to you

Your adviser could be an easy target for cyber crooks (MarketWatch) At a time when security experts, regulators and law enforcement are warning of attacks on the financial sector, more than one-third of registered investment adviser firms don't do risk assessments for cyber threats, vulnerabilities or potential consequences, new data finds

Ready, aim, click (My Broadband) If World War III promises to be digital, we must be as prepared as we can be

Our Cyborg Future: Law and Policy Implications (Brookings) In June 2014, the Supreme Court handed down its decision in Riley v. California, in which the justices unanimously ruled that police officers may not, without a warrant, search the data on a cell phone seized during an arrest. Writing for eight justices, Chief Justice John Roberts declared that "modern cell phones…are now such a pervasive and insistent part of daily life that the proverbial visitor from Mars might conclude they were an important feature of human anatomy"

Cyber Security Professionals are Sheep Awaiting Slaughter (Seculert) In a recent article, New York Times technology reporter Nicole Perlroth recounts a gag that, in one variation or another, is racing its way through the cyber security community as only droll jokes can. It goes like this

System failures cause most large outages of communications services (Help Net Security) The European Union Agency for Network and Information Security (ENISA) published a report about large-scale outages in the electronic communication sector. It provides an aggregated analysis of the security incidents in 2013 which caused severe outages

Marketplace

How Edward Snowden boosted infosecurity business and…cybercrime (SC Magazine) Whatever Snowden's motivations, Ilia Kolochenko contends that the industry has misused the resulting information and often sold kit rather than true security solutions and expertise

Crime Ring Revelation Reveals Cybersecurity Conflict of Interest (Scientific American) Hold Security's nebulous report on the "CyberVor" online hacker gang exposed the cybersecurity world's troubling practice of uncovering online threats and then selling proposed solutions

CyberArk IPO Gets Boost as Breaches Trigger Industry Gain (Bloomberg) The data breaches that have rocked corporate America in recent weeks couldn't have come at a better time for CyberArk Software Ltd

Insider Selling: Eric Hahn Sells 10,000 Shares of Proofpoint Stock (PFPT) (WKRB) Proofpoint (NASDAQ:PFPT) Chairman Eric Hahn sold 10,000 shares of Proofpoint stock in a transaction that occurred on Tuesday, September 9th. The stock was sold at an average price of $39.87, for a total transaction of $398,700.00

Joseph DiZinno Named American Systems Identity Intell VP (GovConWire) Dr. Joseph DiZinno, a two-decade FBI veteran and a former executive at BAE Systems, has joined American Systems as vice president of identity intelligence for the Chantilly, Virginia-based government services contractor

Products, Services, and Solutions

Tim Cook Holds Firm On iMessage Security: It's Encrypted, And We Don't Have A Key (TechCrunch) As Apple continues to come under some attack for how it handles iCloud security, the company's CEO Tim Cook is holding firm on the company's priorities when it comes to data protection

Cisco's industrial Internet of Things campaign hones in on railroads (TechTarget) Cisco's Connected Rail effort kicks off its strategy for an industrial Internet of Things, with a reference architecture for a network that can improve operations and passenger services for passenger and freight systems

Brit to Launch Cyber Attack Product (BusinessWire) Brit PLC ('Brit' or 'the Group'), a market-leading global specialty insurer and reinsurer, has developed a unique insurance service to protect companies operating critical infrastructure and industrial machinery from terrorist and other malicious attacks, such as sabotage, espionage and theft

Comcast calls rumor that it disconnects Tor users "wildly inaccurate" (Ars Technica) The Internet is mad at Comcast, but the latest rage appears to be unjustified

EventTracker Announces 7.6 with Smart Search (Dark Reading) EventTracker Enterprise 7.6 new features simplify the extraction of operational and security intelligence from machine data

Technologies, Techniques, and Standards

Draft NISTIR 8023: Risk Management for Replication Devices (NIST) This publication provides guidance on protecting the confidentiality, integrity, and availability of information processed, stored, or transmitted on replication devices (RDs). It suggests appropriate countermeasures in the context of the System Development Life Cycle. A security risk assessment template in table and flowchart format is also provided to help organizations determine the risk associated with replication devices

Windows malware must be top endpoint security priority (TechTarget) The number of endpoint security vulnerabilities is daunting, but endpoint admins should first focus on updating patches against Windows malware

Emerging cloud threats and how to address them (Help Net Security) As organizations deploy and harness private, community and hybrid clouds, they encounter new types of threats, along with the old ones they've been battling for years

WordPress Security Checklist (Help Net Security) WordPress is not only easy to use, it also comes with many plugins and themes for you to choose from, making it extremely customizable. However, like all other popular platforms, it is also more prone to hacking

Research and Development

Open-source project promises easy-to-use encryption for email, instant messaging and more (IDG via CSO) A software development project launched Monday aims to create free tools that simplify the encryption of online forms of communication like email, instant messaging, SMS and more by solving the complexity associated with the exchange and management of encryption keys

Patterns in banking personal identification numbers (FierceBigData) If you've ever wondered about the security of personal identification numbers, or PINs, used in banking, wonder no more. While in theory the 10,000 possible combinations presented in a four digit sequence and chosen randomly by users is good protection for banking accounts and credit cards, it turns out that the human factor weakens the design in practice

Academia

Tech company calls for perception change in STEM subjects (Microscope) IT professionals need to be viewed with the same esteem as lawyers, architects and accountants if young people are to choose technology related degrees

La. Tech full of cyber synergy (News-Star) New cyber engineering program at Louisiana Tech University attracting interest from across the United States

Legislation, Policy, and Regulation

Russia This Week: Rights or Revanchism? Russian Human Rights Commissioner Blasts Ukraine, Baltic States (Interpreter) A speech from Konstantin Dolgov, the Foreign Ministry's Commission for Human Rights, Democracy and the Rule of Law has been published on […] the official web site of the Foreign Ministry. The speech was made at the Regional Conference of Russian Compatriots of Latvia, Lithuania and Estonia in Riga on 13 September

While NSA 'maps' the Internet landscape, German tech companies want Cloud cover (Deutsche Welle) Microsoft Germany wants Cloud services to be regulated at home in a bid to protect data from foreign espionage. The announcement coincides with a new report pointing to NSA activities targeting German telecommunications

Don't Fear the Leaker: Thoughts on Bureaucracy and Ethical Whistleblowing (SSRN) In this brief essay, I argue that rather than trying to eliminate leaks entirely, which experience demonstrates is impossible, we should instead try to channel leaks so that they provide the maximum benefit to transparency while reducing risks to national security and other secrecy concerns. I also offer some preliminary suggestions about how to accomplish this goal

Cyber airmen race to stay ahead of new threats (Air Force Times) As cyber threats increase and become more sophisticated, airmen in the Cyber career field find themselves operating in a fast-paced environment just trying to stay two steps ahead

Tactical Cyber: How to Move Forward (Small Wars Journal) Cyberspace operations, both defensive and offensive, captured the attention of many pundits, military professionals, and interested observers

Litigation, Investigation, and Law Enforcement

Nigerian bank IT worker on the run after $40m cyber heist (Naked Security) A Nigerian IT worker is wanted by police after a major cyber-heist at the bank where he was employed

Liberty Reserve CTO pleads guilty to involvement in massive money laundering (Naked Security) Mark Marmilev, CTO of former digital currency brokerage Liberty Reserve, has pleaded guilty to playing a major role in the operation of the business which became a favourite for cybercrooks and money launderers

Insider Credit Card Breach Leads to $400,000 Saks Shopping Spree (eSecurity Planet) Six former Saks Fifth Avenue employees have been charged with grand larceny and identity theft

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

MIRcon 2014 (Washington, DC, USA, October 7 - 8, 2014) MIRcon 2014 is the premier information security industry event of the year. The conference is designed to educate innovators and executives battling cyber attackers daily

Hack.lu 2014 (Dommeldange, Luxembourg, October 21 - 24, 2014) Hack.lu is an open convention/conference where people can discuss about computer security, privacy, information technology and its cultural/technical implication on society

FOCUS 14: Empowering the Connected World (Las Vegas, Nevada, USA, October 26 - 27, 2014) FOCUS will offer you a unique opportunity to learn directly from other McAfee users. Hear real-world scenarios from McAfee customers and learn how they maintain the highest standards of security while...

Cyber Job Fair (Baltimore, Maryland, USA, October 29, 2014) ClearedJobs.Net is partnering with CyberMaryland to present the Cyber Job Fair at the CyberMaryland 2014 conference. The Cyber Job Fair is a hiring event for cleared and non-cleared cybersecurity professionals...

Senior Executive Cyber Security Conference (Baltimore, Maryland, USA, October 30 - November 1, 2014) North Star Group, LLC and the Johns Hopkins University's Whiting School of Engineering and Information Security Institute sponsor this senior executive focused cyber security conference. This event is designed...

Healthcare Cyber Security Summit 2014 (San Francisco, California, USA, December 3 - 10, 2014) SANS is teaming up with the National Health Information Sharing & Analysis Center (NH-ISAC) to offer the 2nd Annual Healthcare Cyber Security Summit

FloCon 2015 (Portland, Oregon, USA, January 12 - 15, 2015) FloCon is an open network security conference organized by Carnegie Mellon University

Security Forum 2015 (Hagenberg im Mühlkreis, Austria, April 22 - 23, 2015) The Security Forum is the annual IT security conference in Hagenberg that addresses current issues in this domain. Visitors are offered technical as well as management-oriented talks by representatives...

Upcoming Events

NOPcon Security Conference (Istanbul, Turkey, September 16, 2014) NOPcon is a non-profit hacker conference. It is the only geek-friendly conference without sales pitches in Turkey. The conference aims to learn and exchange ideas and experiences between security researchers,...

5th Annual Billington Cybersecurity Summit (Washington, DC, USA, September 16, 2014) The 5th Annual Billington Cybersecurity Summit, a leading conference produced by Billington CyberSecurity, will feature an all-star cast of cybersecurity speakers including Admiral Michael Rogers, Commander,...

SINET Global Summit (London, England, UK, September 16 - 17, 2014) "Advancing Global Collaboration and Innovation." Global Summit focuses on building international public-private partnerships that will improve the protection of our respective homeland's critical infrastructures,...

Cyber Attack Against Payment Processes Exercise 2 (Online, September 16 - 17, 2014) FS-ISAC, the Financial Services Information Sharing and Analysis Center will conduct its fifth annual simulated cyber security exercise related to payment processes used by banks, community institutions,...

Global Identity Summit (Tampa, Florida, USA, September 16 - 18, 2014) The Global Identity Summit is focused on identity management solutions for corporate, defense and homeland security communities. This conference and associated exhibition bring together a distinctive,...

Defense Intelligence Agency (DIA)/National Intelligence University (NIU) Open House (Washington, DC, USA, September 17, 2014) On September 17, 2014, the National Intelligence University (NIU) will hold a Tech Expo as part of its annual "NIU OUTREACH DAY" in the Tighe Lobby of DIA Headquarters on Joint Base Bolling-Anacostia.

Fraud Summit Toronto (Toronto, Ontario, Canada, September 17, 2014) From account takeover to payment card fraud and the emerging mobile threatscape, the ISMG Fraud Summit series is where thought-leaders meet to exchange insights on today's top schemes and the technology...
