Privateers, useful idiots, or intelligence services — take your pick, but F-Secure and others are attributing the BlackEnergy attacks on Ukraine to a Russian operation.
Chinese security services, facing widespread discontent and civil disobedience (particularly in Hong Kong), are using iFrame-based redirection attacks to install remote-access Trojans into the networks of not-for-profits and NGOs active in or around China. (FireEye devotes its customary attention to Chinese cyber ops.) The government is also cracking down on social media in Hong Kong; activists there work to evade censorship and monitoring.
Over the weekend the SANS Internet Storm Center raised its "InfoCon" to "Yellow" in response to the proliferation of Shellshock-exploiting worms and botnets across the Internet. Vendors and hackers are currently engaged in a race to control the holes Shellshock opened, and observers expect this to continue for the foreseeable future. Much advice on mitigating Shellshock risk is on offer, starting with ways of determining how vulnerable your systems may be.
Apple security receives scrutiny, some but not all of it Shellshock-related. The brand is heavily phished, and its latest iOS anti-phone-tracking feature may not work quite as expected.
Trendy social medium Ello sustains a successful denial-of-service attack.
A third-party point-of-sale vendor may be implicated in the recent Jimmy John's breach. Observers advise the vendor's other customers to look to their security.
The US financial sector announces a new collaborative approach to developing threat intelligence product.
Law firms in the UK consider their cyber vulnerability, and also their more general "duty to inform."
Today's issue includes events affecting Australia, Canada, China, France, Germany, Laos, Oman, Russia, Turkey, Ukraine, United Kingdom, United States.
Aided Frame, Aided Direction (Because it's a redirect)(FireEye) On September 24 2014, FireEye observed a new strategic web compromise (SWC) campaign that we believe is targeting non-profit organizations and non-governmental organizations (NGO) by hosting iframes on legitimate websites
Arab Twitter users dislike Iran even more than they dislike the US(Quartz) After decades of bombings, invasions, and other military interventions, it's no surprise that attitudes toward the United States are overwhelmingly negative in the Arab world. But according to a recent study, there's at least one country that's less popular than the US in the region — that would be Iran, at least on Twitter
Why We Have Moved to InfoCon:Yellow(Internet Storm Center) At the Storm Center, we are strict and judicious on moving the InfoCon status. We felt, after dialog, that Yellow is warranted in this case as we are seeing signs of worm/botnet activity. This combined with so many systems are impacted [worm], with no signs of letting up [met]
Malicious Shellshock Traffic Invades the Web(Infosecurity Magazine) Security experts are urging firms to patch the Shellshock bug as soon as possible, after spotting a "significant amount" of malicious traffic exploiting the Bash vulnerability made public last week
Bash Bots Waste No Time(AppRiver Blog) It took less than one day after the news was publicly released about a major flaw in the bash command line interpreter before a botnet leveraging this flaw, referred to as ShellShock, has been spotted in the wild
Shellshock Exploit Attempts Continue in China(TrendLabs Security Intelligence Blog) It seems like the floodgates have truly opened for Shellshock-related attacks. We have reported on different attacks leveraging the Bash bug vulnerability, ranging from botnet attacks to IRC bots
Shellshock Vulnerability: What Mac OS X Users Need to Know(Intego) The vulnerability is called Shellshock, and it has rocked the security industry to its core. A flaw in the "Bash" shell — the command line interpreter for Unix-based systems including Linux and Mac OS X — has sent server administrators scrambling to patch their systems
Bash "Shellshock" bug: Who needs to worry?(Help Net Security) As expected, attackers have begun exploiting the GNU Bash "Shellshock" remote code execution bug (CVE-2014-6271) to compromise systems and infect them with malware
Shellshocked: A Future Of 'Hair On Fire' Bugs(Dark Reading) Most computers affected by Bash will be updated within 10 years. The rest will be vulnerable for the lifespans of all humans now living. This should concern us. But then, global warming should also concern us
5 More Mac Malware Myths and Misconceptions(Intego) There are plenty of myths about malware in general, but Macs especially seem to attract an extra dose of mythos due to a smug sense of invulnerability among the Mac community
Ello Users Experience Further Downtime After DDoS Attack(TechCrunch) The suddenly hip social networking site Ello experienced its first major outage today, suffering a Distributed Denial of Service attack that brought it down for approximately 45 minutes. The company says that it was able to fix the issue by blocking the IP addresses responsible for the attack
Signature Systems Breach Expands(Krebs On Security) Signature Systems Inc., the point-of-sale vendor blamed for a credit and debit card breach involving some 216 Jimmy John's sandwich shop locations, now says the breach also may have jeopardized customer card numbers at nearly 100 other independent restaurants across the country that use its products
Beyond Home Depot: Cyberthieves target smaller companies(CNBC) Data breaches at big retailers including Home Depot and Target may be grabbing attention, but mom-and-pop businesses shouldn't feel like they're in the clear. Hackers also have their eye on smaller businesses, according to experts
Bulletin (SB14-272) Vulnerability Summary for the Week of September 22, 2014(US-CERT) The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information
Security Patches, Mitigations, and Software Updates
Check Point Protects Customers Against Shellshock(Sys-Con Media) Check Point® Software Technologies Ltd. (NASDAQ: CHKP), the worldwide leader in securing the internet, today announced that it has issued an IPS protection against the GNU Bourne Again Shell (Bash) 'Shellshock' Vulnerability, securing the integrity of its customers' network data
National Security Agency Locked Out of Apple iPhone(International Business Times) After the release of the iPhone 6 models, the internet is abuzz trying to bring down the product. If it is not the iOS flaws, it is the bendgate or the problems faced with the Touch ID. There is some negative concern or the other regarding these smartphone models
Duo Security VC round caps season(Crain's Detroit Business) It was a good summer for Dug Song, CEO and co-founder of Duo Security Inc., an Ann Arbor-based, fast-growing provider of highly secure, cloud-based authentication services for companies
Spy Agencies Urge Caution on Phone Deal(New York Times) An obscure federal contract for a company charged with routing millions of phone calls and text messages in the United States has prompted an unusual lobbying battle in which intelligence officials are arguing that the nation's surveillance secrets could be at risk
We're arriving at the endgame for BlackBerry(Quartz) The BlackBerry was the first truly modern smartphone, the king of Personal Information Management On The Go. But under its modern presentation lurked its most fatal flaw, a software engine that couldn't be adapted to the Smartphone 2.0 era
Symantec Appoint Michael Brown As CEO(ValueWalk) The Mountain View, California-based company have given the interim CEO the job on a permanent basis, marking the end of a six month search
ScoutBot(LANSec) ScoutBot is a must have application for penetration testers who are looking for an easy and inconspicuous way of gathering info on a target's network
Drozer — Security Testing Framework for Android(Ethical Hacking) Unquestionably we can say that Android is one of the leading mobile operating systems, but nobody is secure; so Android also has vulnerabilities and there are methods to exploit them. Since there are vulnerabilities, we have a reason to study and fix them. Drozer can make your life easy because it is a framework to test the security of Android OS
MITMF — Framework for Man-in-the-Middle Attacks(SecTechno Blog) MITMF is another framework that can be used for man-in-the-middle attacks. The tool is Python-based and has several plugins that add more functionality during a penetration test
Shellshock: Vulnerable Systems you may have missed and how to move forward(Internet Storm Center) By now, I hope you are well on your way to patch your Linux systems for the bash code injection vulnerabilities. At this point, you should probably dig a bit deeper and try to find more "hidden" places that may be vulnerable. First of all, a quick list of things that are not vulnerable
What have Bash and Heartbleed Taught Us?(Internet Storm Center) Two significant vulnerabilities affecting a wide range of systems that couldn't be patched fast enough were released in the past few months
What Can Open Source Intelligence Tell You about a Threat Actor in 30 Minutes or Less?(Cyveillance) All of us who work in the risk, security, or compliance space would love a crystal ball to predict threats — to know who's trying to attack us, what their motivations are, and what tactics they'll use. In the absence of that, one of your best options to stay proactive and respond to threats quickly is by studying groups or individuals that pose a risk to your organization or industry using Open Source Intelligence (OSINT)
Beyond NERC: best practices for worst-case scenarios(IntelligentUtility) Is your utility compliant with NERC's latest bulk security requirements? Congratulations! Are you fully prepared for all potential risks to your electric grid? If complying with NERC's physical security standards is all you've done, the answer is no
Security of Third-Party Keyboard Apps on Mobile Devices(Lenny Zeltzer on Information Security) Major mobile device platforms allow users to replace built-in keyboard apps with third-party alternatives, which have the potential to capture, leak and misuse the keystroke data they process. Before enabling the apps, their users should understand the security repercussions of third-party keyboards, along with the safeguards implemented by their developers
U.S., China talk cybersecurity despite military hack attack(Washington Free Beacon via the Washington Times) Chinese officials held closed-door talks in Washington last week with U.S. cybersecurity counterparts despite Beijing's formal cutoff of talks on the subject after the federal indictments of Chinese military hackers
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
Secure 2014(Warsaw, Poland, October 21 - 23, 2014) NASK and CERT-Polska offer this conference on telecommunications and IT security. Speakers from government, industry, and universities around the world will offer insights into research, policy, and security...
INTEROP(New York, New York, USA, September 29 - October 3, 2014) Interop returns to New York with practical and visionary conference sessions designed to help you accelerate your career. This year's conference tracks include: Applications, Business of IT, Cloud Connect...
Indianapolis SecureWorld(Indianapolis, Indiana, USA, October 1, 2014) A day of cyber security education. Earn 6-8 CPE credits, network with industry peers, and take advantage of more than thirty educational events. Larry Ponemon, Chairman and Founder of the Ponemon Institute,...
Suits and Spooks New York: Not another hacker conference. Suits and Spooks is a unique gathering of experts, executives, operators, and policymakers who discuss hard challenges in a private setting over two days. Suits and Spooks...
Open Analytics Summit(Dulles, Virginia, USA, October 7, 2014) Open Analytics Summits are for Developers, Engineers, Data Scientists, CMOs, Data Analysts, CTOs, Architects, Brand Managers, and anyone passionate about open source technologies, big data, or data analytics...
MIRcon 2014(Washington, DC, USA, October 7 - 8, 2014) MIRcon 2014 is the premier information security industry event of the year. The conference is designed to educate innovators and executives battling cyber attackers daily
Cyber Security, Meet Workforce Development(Silver Spring, Maryland, USA, October 8, 2014) Per Scholas convenes leaders in the Nation's Capital to develop a blueprint for building today's entry-level cyber security workforce
Technology & Cyber Security Day(Hill Air Force Base, Utah, October 8, 2014) The Armed Forces Communications & Electronics Association (AFCEA) Wasatch Chapter will once again host the 5th Annual Information Technology & Cyber Security Day at Hill AFB. This annual event is an excellent...
Cyber Security EXPO: Securing information, mobility, cloud, and social interaction for the modern enterprise. Disruptive technologies such as cloud computing, mobile, bring your own device (BYOD) and social media are pushing...
InfoSec 2014(Kuala Terengganu, Malaysia, October 8 - 10, 2014) You are invited to participate in The International Conference on Information Security and Cyber Forensics (InfoSec 2014) that will be held at Universiti Sultan Zainal Abidin (UniSZA), Kuala Terengganu,...
Hacktivity 2014(Budapest, Hungary, October 10 - 11, 2014) Official and alternative representatives of the information security profession meet with all those interested in this field in framework which is at the same time informal and informative, and sometimes...
Ruxcon(Melbourne, Australia, October 26 - 27, 2013) Ruxcon is a computer security conference that aims to bring together the best and the brightest security talent within the Aus-Pacific region. The conference is a mixture of live presentations, activities...
Hack-in-the-Box Malaysia(Kuala Lumpur, Malaysia, October 13 - 16, 2014) HITBSecConf or the Hack In The Box Security Conference is an annual must attend event in the calendars of security researchers and professionals around the world. Held annually in Kuala Lumpur, Malaysia...
FS-ISAC Fall Summit 2014(Washington, DC, USA, October 13 - 16, 2014) The Financial Services Information Sharing and Analysis Center (FS-ISAC), is a non-profit association comprised of financial institution members, that is dedicated to protecting the global financial services...
CYBERSEC 2014: CYBERSEC is a 4-day event geared toward helping you achieve your cybersecurity goals. Whether your focus is on cybersecurity management, investigation, defense, or offense we are offering specialty cybersecurity...
Black Hat Europe 2014: The premier conference on information security returns to the beautiful city of Amsterdam, Netherlands in October, 2014. Professionals from all over the world gather for two days of intense Trainings and...
Denver SecureWorld(Denver, Colorado, USA, October 16, 2014) A day of cyber security education. Earn 6-8 CPE credits, network with industry peers, and take advantage of more than thirty educational events. Over the past decade SecureWorld has emerged as one of North...
TechCrunch Disrupt Europe Hackathon(London, England, UK, October 18 - 19, 2014) For the second year in a row, TechCrunch is jumping across the pond and bringing the iconic Disrupt and our Hackathon to Europe. We're heading your way, London
U.S. Army ITA Security Forum(Fort Belvoir, Virginia, USA, October 20, 2014) The U.S. Army Information Technology Agency Security Forum is taking place at the Ft. Belvoir site and will be a one day event focusing on cyber security education and training for the workforce. The...
CSEC 2014 Cyber Security Summit(Kingdom of Bahrain, October 20 - 22, 2014) At the Inaugural Cyber Security Summit 2014, you will have the opportunity to seek ways to reset your IT security and risk strategy for success; stay relevant as IT security and risk are redefined; implement...
2014 ICS Cyber Security Conference: The 14th ICS Cyber Security Conference (sometimes known as "Weisscon") will be held October 20-23, 2014 at Georgia Tech in Atlanta, GA. Cyber Security is becoming a critical infrastructure issue with implications...
Cyber Security Summit 2014: Cyber security breaches have a profound impact on all areas of society. Join the discussion at Cyber Security Summit 2014. For two days, leaders from the public and private sectors meet to identify cyber...
ISSA International Conference(Orlando, Florida, USA, October 22 - 23, 2014) Join us for solution oriented, proactive and innovative sessions focused on security as a vital part of the business.
Hack.lu 2014 (Dommeldange, Luxembourg, October 21 - 24, 2014) Hack.lu is an open convention/conference where people can discuss about computer security, privacy, information technology and its cultural/technical implication on society
ToorCon San Diego(San Diego, California, USA, October 22 - 26, 2014) For hackers like you, because what could possibly go wrong?
FOCUS 14: Empowering the Connected World(Las Vegas, Nevada, USA, October 26 - 27, 2014) FOCUS will offer you a unique opportunity to learn directly from other McAfee users. Hear real-world scenarios from McAfee customers and learn how they maintain the highest standards of security while...
Dallas SecureWorld(Dallas, Texas, USA, October 29 - 30, 2014) Offering two days of cyber security education. Earn 12-16 CPE credits, network with industry peers, and take advantage of more than sixty educational events. Over the past decade SecureWorld has emerged...
CyberMaryland 2014(Baltimore, Maryland, USA, October 29 - 30, 2014) Entrepreneurs, investors, academia and government will convene in Maryland — the nation's epicenter for cybersecurity for the fourth annual CyberMaryland Conference.
Cyber Job Fair(Baltimore, Maryland, USA, October 29, 2014) ClearedJobs.Net is partnering with CyberMaryland to present the Cyber Job Fair at the CyberMaryland 2014 conference. The Cyber Job Fair is a hiring event for cleared and non-cleared cybersecurity professionals...
ekoparty Security Conference 10th edition(Buenos Aires, Argentina, October 29 - 31, 2014) ekoparty — Electronic Knock Out Party — Security Conference, is a one of a kind event in South America; an annual security conference held in Buenos Aires, where security specialists from all over Latin...
Cyber Risk Summit(Washington, DC, USA, May 22, 2014) This one-day leadership conference will provide a discussion forum for business executives, insurance companies and policymakers on more effective private and public responses to cyber risk management.
Senior Executive Cyber Security Conference(Baltimore, Maryland, USA, October 30 - November 1, 2014) North Star Group, LLC and the Johns Hopkins University's Whiting School of Engineering and Information Security Institute sponsor this senior executive focused cyber security conference. This event is designed...