skip navigation

More signal. Less noise.

Daily briefing.

The threatened (and appallingly named) "electronic Holocaust" against Israel fails to produce much more, so far, than relatively easily contained and remediated cyber vandalism.

ISIS continues to recruit through social media: South African police are cracking down on local efforts.

The Guardian publishes an interesting interview with some of the people behind "Anonymous International," which you may know better under their Russian name, "Sholtai Boltai." Sholtai Boltai's the outfit that claimed coup against Russian President Medvedev and various oligarchs.

Indonesian hacktivists of "Indonesia Cyber Freedom" deface a United Nations subdomain. They claim a puritanical commitment to exposing security lapses as their motive, which seems a long way of saying "lulz."

Reports claim that Linux Australia has warned users of a malware infection in its servers.

A new Chrome hack is demonstrated.

Venafi warns that, while most big companies have patched for Heartbleed, they're still vulnerable because too many of them haven't also reviewed and revoked implicated certificates.

Bitglass completes an experiment in cyber criminology, setting fictitious personal information as hacker-bait and tracing the data's progress through the dark web. It concludes that the cyber black market is mature, accessible, and liquid.

Much of that black market is state-sponsored, or state-encouraged, or at least state-tolerated, according to some reporting in SC Magazine, which rounds up the usual suspects. (They're looking at you, Russia.)

The US Federal Aviation Administration delays a cyber security procurement as it investigates recent hack.

Mozilla updates Firefox.

Reuters claims attacks on critical infrastructure have been seriously underreported.

Notes.

Today's issue includes events affecting Argentina, Australia, Chile, China, Indonesia, Iran, Iraq, Israel, Democratic Peoples Republic of Korea, Malaysia, Peru, Philippines, Russia, Singapore, South Africa, Syria, Thailand, Ukraine, United Arab Emirates, United Kingdom, United Nations, United States, Uruguay, and Vietnam.

Cyber Attacks, Threats, and Vulnerabilities

Israel: Pro-Palestinian hackers hit Israeli websites after Anonymous threats of cyberattack (MInneapolis Star-Tribune) Pro-Palestinian hackers disrupted Israeli websites on Tuesday, following threats from the Anonymous hacking collective that it would carry out an "electronic Holocaust," though Israeli cyber experts said the coordinated attacks caused little damage

Sate Security Investigating Possible ISIS Recruiters in SA (Eyewitness News) The State Security Ministry is investigating how a Cape Town teenager was allegedly recruited to join terrorist group, the Islamic State (Isis) of Iraq and Syria

Meet Anonymous International, the hackers taking on the Kremlin (Guardian) They've hijacked the Russian prime minister's Twitter account and attacked the political elite. But they're also guns-for-hire, collecting private information for a fee. Daniil Turovsky went to Bangkok to meet them

Indonesian Hackers Deface Subdomain of United Nations Website (HackRead) A group of hackers going with the handle of Indonesian Cyber Freedom has hacked and defaced a sub-domain of the United Nations website, just few hours ago

Malware found in Linux Servers (eHacking) Linux Australia has requested his registered attendees of the organization conference of the last three years to change their to change their Passwords, aimed the possible breach of one of its Servers. The possible leaked information may include the First and Last names, Postal addresses, Emails, Paswards,Cell numbers according to the Linux President Joshua Hesketh

AwSnap! New Hack Can Crash Chrome Browsers of Mass Audience (Hacker News) Few weeks back, we reported how a string of just 13 characters could cause your tab in Chrome to crash instantly. However, there was an exception that this special 13 characters string was only working on Mac OS X computers with no impact on Windows, Android, or iOS operating systems

3 Of 4 Global 2000 Companies Still Vulnerable To Heartbleed (Dark Reading) Largest companies on Earth might have patched, but haven't done their due diligence with revoking and issuing new certificates, says Venafi

Cyberattack hit FAA earlier this year (The Hill) Hackers spread malicious software through a computer network at the Federal Aviation Administration (FAA) earlier this year, the agency said

What Happens When Personal Information Hits The Dark Web (Dark Reading) Experiment tracked the journey of a cache of phony names, SSNs, credit cards, and other personal information

Zone of protection: Hacker havens (SC Magazine) To what extent is state-sponsored cybercrime extending the protection for hackers who operate outside U.S. borders?

The lack of HTTPS at Amazon: identifying items purchased using information leakage (Smerity.com) If you were to browse Amazon right now and someone was eavesdropping on your connection, they could tell exactly what you were looking at. Even if you're logged in, all item browsing takes place over HTTP. This is tremendously odd given that it's 2015 and encryption is well and truly fast enough for the masses

Lost in the clouds: 7 examples of compromised personal information (CSO) While having instant access to your information via the cloud is a major bonus to productivity and convenience, there's a risk that the security trade-off will be too high

Bell's Default Password Policy Leaves Tens of Thousands of Users Exposed (Victor Stanchev's Blog) Long story short, Bell's residential modem/routers have weak default passwords that can be cracked in under a day. Few people change them, so tens of thousands of their customers are exposed to risk. To the best of my knowledge, they are not interested in fixing it

Use e-banking? Your cash may be at risk (Khaleej Times) Gangs of cyber thieves use sophisticated methods to gain access to financial info

Hacking ATMs, Literally (KrebsOnSecurity) Most of the ATM skimming attacks written about on this blog conclude with security personnel intervening before the thieves manage to recover their skimmers along with the stolen card data and PINs. However, an increasingly common form of ATM fraud — physical destruction — costs banks plenty, even when crooks walk away with nothing but bruised egos and sore limbs

It's time to research new ways to fight DDoS attacks (CSO) Almost 1-in-5 (18-percent) of businesses experienced a distributed denial-of-service attack within a year-long timeframe, according to the Global IT Security Risks Survey 2014—Distributed Denial of Service (DDoS) Attacks from Kaspersky Labs and B2B International. The data applies to the period from April 2013 to May 2014. The survey's 3,900 respondents represented very small to very large companies from 27 countries

Bulletin (SB15-096) Vulnerability Summary for the Week of March 30, 2015 (US-CERT) The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information

Security Patches, Mitigations, and Software Updates

Firefox issues brand new update to fix HTTPS security hole in new update (Naked Security) Mozilla recently published its scheduled release of Firefox 37.0

Security experts welcome Firefox encryption move (CSO) Security experts welcome Mozilla's move to add "opportunistic encryption" to Firefox

Facebook publishes new security settings guide (Naked Security) Now that it's made its privacy settings drop-dead simple, Facebook's turned to the cobwebby murk of its security tools to do some spring cleaning

Cyber Trends

Exclusive: Destructive hacking attempts target critical infrastructure in Americas: survey (Reuters) Hacking attacks that destroy rather than steal data or that manipulate equipment are far more prevalent than widely believed, according to a survey of critical infrastructure organizations throughout North and South America

Combatting the Human Element (Infosecurity Magazine) According to research from CompTIA, malware and hacking are serious concerns for nearly half of all companies; but, the human element in security trumps all — companies report that it's the largest factor behind security breaches

Businesses Make Greater Investment in Threat Intelligence (eWeek) Over the next two years, one-third of businesses plan to increase their threat intelligence budget significantly, according to a Ponemon survey

Key Observations from the Last Few Years in the Cybersecurity Marketplace (SecurityWeek) Cybersecurity issues have become front page news virtually every week — breaches, fraud, theft and a whole host of other cyber crime events read like the police blotter from a large metropolitan city where criminals run rampant

No shortcut to ensuring world-class online security in Asia-Pacific (Enterprise Innovation) According to the International Association of Chiefs of Police Centre for Social Media, it is estimated that consumers spend a staggering $272,000 per minute shopping online. In particular, e-commerce in Asia-Pacific is booming due to rising affluence of the growing middle class and their increased access to the internet

Marketplace

Fears about Prism's long-term impact on cloud declared "overblown" (ComputerWeekly) Concerns about how the fallout from the Prism surveillance scandal would blight the business prospects of US cloud providers were overblown, according to Forrester Research

Be aware of risks cyber attacks could have on your business, urges insurance expert (Daily Echo) Businesses need to become more aware of cyber security, according to an insurance specialist

FAA delays procurement to respond to hack (FCW) The Federal Aviation Administration has postponed plans to seek a new cybersecurity services provider while the agency responds to a cyberattack, according to contracting documents

Randy Morgan on Parsons' Secure Mission Solutions Buy and Cyber Focus (ExecutiveBiz) Randy Morgan spent 10 years in executive roles at SPARTA before its 2011 acquisition by Parsons Corp., where he is now executive vice president of operations in the government services business

Brian Brackeen: Kairos Adds Emotion Analytics Offering with IMRSV Acquisition (GovConWire) Kairos has bought emotion analysis technology firm IMRSV for an undisclosed amount in a move to integrate the IMRSV platform into Kairos' facial biometrics portfolio

Barco Silex Partners with Rambus to Combat Security Threats in Point-of-Sale Market (MarketWatch) Enables expansion of DPA Countermeasure solutions beyond traditional smartcard market

Convergence Expands Cyber Practice; Hires Former CEO of Anchor Technologies to Lead Cyber Division (PRNewswire) Convergence Technology Consulting announced today the hiring of Dale Raymond, former CEO of Anchor Technologies, to lead Convergence's Cyber practice. His initial responsibilities will be working with our clients to implement a 360 degree secured cyber solution

Products, Services, and Solutions

Post-Cryptanalysis, TrueCrypt Alternatives Step Forward (Threatpost) TrueCrypt's relative clean bill of health last week has now spawned a new focus on existing alternatives to the open source encryption software, namely VeraCrypt and CipherShed

NSA Certifies General Dynamics' Network Encryption Tech Offering (ExecutiveBiz) General Dynamics has obtained certification from the U.S. National Security Agency for a technology that seeks to help government agencies manage and secure up to 10 gigabytes of network-level data

Lockheed Martin Implements Cost-Saving Cross-Domain Security Solution (HPCwire) Lockheed Martin staffs several government programs that manage high-performance computing (HPC) resources, including support and hardware, used by R&D contractors and scientists engaged in compute-intensive modeling and simulation research. In such an environment, there are multiple levels of security that must be respected by the systems in place

Dimension Data banishes traditional security approach with new assessment offering (Reseller News) Tech firm believes traditional approaches to information security are no longer adequate to protect information networks from modern threats

Microsoft adds HITRUST CSF validation to its long history of health care certifications (WinBeta) Dr. Mohamed Ayad, Industry Specialist, U.S. Health and Sciences at Microsoft, took to the blogs today to discuss Microsoft's most recent achievement in healthcare certification. Mohamed also took some time to cover the storied history Microsoft has with healthcare

Norse Appliance 10g Blocks Advanced Attacks Others Miss at Enterprise Line Speeds (BusinessWire) High-bandwidth threat intelligence appliance offloads expensive firewalls and SIEMs

SurfWatch Labs Connects the Server Room to the Board Room by Linking an Organization’s Unique Cyber Risks to its Business Operations (PRWeb) Latest release of SurfWatch C-Suite helps organizations tailor cyber risk intelligence to their key business areas for improved cyber resilience

Securonix Wins Computer Technology Review MVP Award for Security Analytics (Marketwired) Securonix's Security Analytics Platform wins Most Valuable Product for Innovation and Usability

RiskIQ Wins Most Valuable Product Award in Security from Computer Technology Review for Enterprise Digital Footprint Product (BusinessWire) Company recognized for providing visibility and intelligence to prevent threats in Web and mobile ecosystems

SentinelOne Named Most Valuable Endpoint Security Product by Computer Technology Review (BusinessWire) Company recognized for developing new approach to endpoint protection using execution inspection technolog

Technologies, Techniques, and Standards

IoT groups ink collaboration deal on standards (FierceMobileIT) The Internet of Things promises great changes in the workplace and at home. But one obstacle to its widespread adoption is the lack of agreement on standards, with a number of groups competing to set the unified standard for IoT devices

Principles of Malware Sinkholing (Dark Reading) The process of sinkholing is an important tool to have in your arsenal when dealing with emerging threats

Using different public online malware analyser tools (Vanimpe) Analyzing malware and extracting useful detection indicators (Indicators of Compromise, IOCs) for protecting your customers is a recurrent task if you do incident response. If you have your own malware analysis environment and you receive a suspected malicious file then uploading the file for processing and waiting for the analysis is one of the first steps in this process. However sometimes you have to rely on using different public online malware analyser tool for getting the results

Special Report: Managing Cyber Risk (CFO) Cyber risk experts have begun to work on the assumption that it's impossible to keep networks perfectly free from attack

How to stay safe online: CNET's security checklist (CBS News) It's always better to be safe than sorry. Especially when it comes to your personal information. Keeping your info secure online requires you to take more time and care, but what you lose in moments you'll surely make up in peace of mind

Research and Development

Car-Hacking Prototype Passes Crash Test (Dark Reading) Sensor-based technology — with military drone roots — created to detect and automatically stop cyberattacks on cars

Legislation, Policy, and Regulation

Is the U.S.-Iran Cyber War Over? (Daily Beast) Washington and Tehran have come to an understanding on nuclear weapons. The cyber arsenals? Not so much

Collaboration and boundaries vital for new cybersecurity initiatives (CSO) Underscoring the seriousness of recent cyber-attacks, the Obama Administration is seeking to establish cybersecurity standards and enact new federal laws to cover cybercrimes. The common thread throughout these recent announcements has been the importance of collaboration among business and government sectors to stop cyber-attacks and strengthen national security. However, it remains to be seen which of these proposals, if any, will be enacted into law. It is equally uncertain whether the protections afforded to the business community will satisfy businesses, or take into account the practical issues that they face every day

Obama's new cyber sanctions are woefully inadequate (Business Insider) Cyber attacks from abroad against both American businesses and the federal government have become epidemic because perpetrated with virtual impunity

Why security pros don't like Obama's proposal for antihacking law (Christian Science Monitor Passcode) The tech community has long called for reforming the 1986 Computer Fraud and Abuse Act for its overly broad language. But now many worry a White House plan to toughen the law will have a chilling effect on work to expose software weaknesses

Burr stumps for cyber bill (FCW) Sen. Richard Burr (R-N.C.) is trying to drum up public support for his cybersecurity legislation, the Cybersecurity Information Sharing Act of 2015. He used the Republicans' weekly speech on April 4, in the midst of a two-week break in the congressional session, to pitch his bill as a solution to the ongoing plague of large-scale cyberattacks that is compromising the personally identifiable information of millions of Americans

DHS Seeks Increase in Domestic HUMINT Collection (Federation of American Scientists) The Department of Homeland Security aims to increase its domestic human intelligence collection activity this year, the Department recently told Congress

Coordinator for Cyber Issues Christopher Painter Travels to South America for Cyber Policy Consultations (US Department of State) Christopher Painter, the Secretary's Coordinator for Cyber Issues, will travel to Uruguay, Argentina and Chile April 6-10 to meet with host government officials on a range of cyber policy issues

Colorado nears agreement on cyber harassment (9News) Harassing others through social media, instant messaging, and other electronic means will likely pass the Colorado legislature and land on Governor Hickenlooper's desk

CSIS shares terrorism travel info with 'trusted partners': memo (CBC) Inclusion of 'non-traditional partners' beyond Five Eyes spy network worries critic

Politicians promise to lock kids out of online porn sites (Naked Security) Politicians in the UK plan to force hardcore porn sites to lock out anybody under the age of 18

Litigation, Investigation, and Law Enforcement

Should security providers be held liable for data breaches? (DNA) Black Hat Asia ended with a discussion started by Black Hat founder Jeff Moss on if security providers, should be held liable for data breaches, because of the critical data they claim to "secure". The recent number of hacking incidents everywhere have made this a widespread issue and security professionals worldwide have voiced their opinions

Snapchat issues first transparency report on law enforcement data requests (Naked Security) Snapchat last week joined Google, Facebook and Apple among companies that regularly disclose the number and type of requests they receive from law enforcement for user data

Electronic Forensics Lab Aids Alabama Police Departments (Forensic Magazine) The new Joint Electronic Crime Task Force is headed up by the University of Alabama Police Department. Constant technological growth has created a new frontier in criminal investigations. Recognizing that, the University of Alabama, in partnership with area law enforcement agencies, has created a new electronic forensics lab that will allow the investigation process to speed up

Bust of Edward Snowden sneaked into, removed from NYC park (San Diego Union-Tribune) Suddenly, in the middle of the New York night, Edward Snowden's face appeared — deep in a public park

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

Centers for Medicare and Medicaid Services (CMS) CISO Security & Privacy Forum (Woodlawn, Maryland, USA, April 7, 2015) The CISO Security & Privacy Forum is hosted by the Information Security Privacy Group (ISPG) at CMS. The Vision for ISPG is to provide leadership to CMS in managing information security and privacy risks...

10th Annual Cyber and Information Security Research Conference (Oak Ridge, Tennessee, USA, April 7 - 9, 2015) Cyberspace is fundamental to our national prosperity, as it has become critical to commerce, research, education, and government. Realizing the benefits of this shared environment requires that we are...

Cyber Risk Wednesday: The future of Iranian cyber threat (Washington, DC, USA, April 8, 2015) Join the Atlantic Council's Cyber Statecraft Initiative on April 8, from 4:00 p.m. to 5:30 p.m. for a panel discussion on the Iranian cyber threat and the potential for a drastic escalation of cyber conflicts...

Cyber Threats Masterclass (Turin, Italy, April 9 - 11, 2015) The United Nations Interregional Crime and Justice Research Institute (UNICRI) is organizing two new courses on emerging threats towards states and citizens with the aim of promoting an in-depth knowledge...

InfoSec Southwest 2015 (Austin, Texas, USA, April 10 - 12, 2015) InfoSec Southwest is an annual information security and hacking conference held in Austin, Texas, one of the most interesting and beautiful cities in the United States. By addressing a broad scope of subject-matter,...

NIST IT Security Day (Gaithersburg, Maryland, USA, April 8, 2014) The Office of the Chief Information Officer, OCIO, is hosting NIST IT Security Day as a means to heighten awareness for all NIST users on the many aspects of operational information technology security...

Cybergamut Tech Tuesday: Tor and the Deep Dark Web (Elkridge, Maryland, USA, April 14, 2015) This talk will explore the use of Tor and how it relates to garnering useful intelligence. Distinguishing attribution or valuable intelligence from limited event data is difficult. Leveraging external...

Cyber Security Summit: Industrial Sector & Governments (Prague, Czech Republic, April 14 - 15, 2015) Cyber Security Summit Europe — Industrial Sector & Governments brings together cyber security experts who will share their skills and know-how needed to address highly topical issues such as state-sponsored...

Cyber Security Summit: Fnancial Services (Prague, Czech Republic, April 14 - 15, 2015) Cyber Security Summit Europe — Financial Services brings together cyber security experts across the financial sector to discuss topical security vulnerabilities as well as bring forward effective...

INTERPOL World 2015 (Singapore, April 14 - 16, 2015) INTERPOL World is a new biennial international security trade event which will bring police and other law enforcement agencies together with security solution providers and security professionals from...

Mid-Atlantic ISSA Security Conference 2015 (Gaithersburg, Maryland, USA, April 15, 2015) Meeting at the NIST campus, this all-day event, jointly hosted by the ISSA Baltimore, DC, and Northern Virginia chapters, will have 3 concurrent tracks of security professionals discussing the current...

Symantec Government Symposium: Secure Government: Manage, Mitigate, Mobilize (Washington, DC, USA, April 15, 2015) The annual Symantec Government Symposium is a one-day event attracting 1,500 government IT security and management professionals. The event is designed to facilitate peer-to-peer dialogue on the challenges...

Proposer's Day Conference for the Scientific advances to Continuous Insider Threat Evaluation (SCITE) program (Washington, DC, area, April 16, 2015) The Intelligence Advanced Research Projects Activity (IARPA) will host a Proposers' Day conference for the Scientific advances to Continuous Insider Threat Evaluation (SCITE) program, in anticipation of...

IIT Cyber Forensics and Security Conference and Expo (Wheaton, Illinois, USA, April 17, 2015) All are invited to participate in this multi-track, technical conference that attracts more than 200 professionals, 50 speakers, 20 sponsors, for an intensive one and a half day schedule that includes...

RSA Conference 2015 (San Francisco, California, USA, April 20 - 24, 2015) Don't miss this opportunity to join thousands of industry professionals at the premier information security event of 2015

Australian Cyber Security Centre Conference (Canberra, Australia, April 22 - 23, 2015) The Australian Cyber Security Centre (ACSC) will be hosting its first cyber security conference in 2015. We are bringing leading cyber security experts from Australia and abroad to share their expertise.

Security Forum 2015 (Hagenberg im Mühlkreis, Austria, April 22 - 23, 2015) The Security Forum is the annual IT security conference in Hagenberg that addresses current issues in this domain. Visitors are offered technical as well as management-oriented talks by representatives...

CyberTexas / CyberIOT (San Antonio, Texas, USA, April 23 - 24, 2015) CyberIOT — Securing the Internet of Things. As more everyday devices become connected to the internet, the need for securing those items becomes critical. CyberTexas will explore the intersection...

Defensive Cyberspace Operations & Intelligence Conference & Exhibition (Washington, DC, USA, April 27 - 28, 2015) The 5th Annual Defensive Cyberspace Operations & Intelligence (DCOI) conference & exhibition is an Israeli-American partnership promoting the extraordinary developments in the technological, intelligence...

INTEROP Las Vegas (Las Vegas, Nevada, USA, April 27 - May 1, 2015) Attend Interop Las Vegas, the leading independent technology conference and expo designed to inspire, inform, and connect the world's IT community. In 2015, look for all new programs, networking opportunities,...

2015 Synergy Forum (Tysons Corner, Virginia, USA, April 30, 2015) The 2015 Synergy Forum brings together government and industry practitioners driving our collective technology futures. This event is multi-disciplinary, examining the emerging fusion of physical and digital...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.