More vandalism of Israeli websites is reported, but the annual OpIsrael strikes most observers as not surpassing its customary nuisance levels of damage.
People claiming to represent ISIS threaten Turkey with online devastation unless that country's authorities release all the ISIS-bound fighters they've detained.
In the US, the FBI warns businesses to beware fallout from OpIsrael (but so far little is reported). ISIS-sympathizing hackers (Ars Technica calls them "script kiddies") pose a more immediate threat: they've been exploiting WordPress flaws (patches available) to strew Caliphate-themed messages and threats across the blogosphere. Observers hope this will motivate users to patch WordPress.
The long-running investigation of US State Department and White House network intrusions increasingly turns toward Russian suspects. It appears the State Department's unclassified systems were of interest principally as a phishing path into the White House.
Fidelis publishes an extensive report on the AlienSpy remote-access Trojan.
Baby monitor hacking is back, and creepier than ever — one more element of creep in the increasingly disturbing Internet-of-Things homefront.
Mozilla retreats from "opportunistic encryption" in Firefox. Snapchat blocks third-party apps. Users still cling to Windows XP, and Microsoft seeks to nudge users of that OS and other products to upgrade through embedded nagging. (Fair-minded observers wish Redmond's nagging well.)
Analysts look at Heartbleed, and how it's changed the security conversation. Other security mavens debate the relative importance of users and technology in reducing risk.
In industry news, Singapore's Singtel buys Trustwave, and iSight acquires Critical Intelligence. Investment analysts evaluate security firms' stock prospects.
Today's issue includes events affecting Australia, China, Botswana, Denmark, Iraq, Israel, Russia, Singapore, Syria, Turkey, United Kingdom, United States.
UK government website hijacked by Islamist hackers (Hot for Security) Want to know what air pollution is like in the UK today? There's a website for that: uk-air.defra.gov.uk, run by the British Government's Department of Environment, Food & Rural Affairs (DEFRA). Unfortunately it's not going to be able to help you today
FBI Issues Warning to U.S. Companies Over Imminent Attacks (Dark Matters) The FBI issued a warning for U.S. companies that extremist hacker groups from the Middle East and North Africa, which "routinely conduct pro-extremist, anti-Israeli, and anti-Western cyber operations," are planning to conduct cyber attacks against Israeli targets in an operation dubbed #OpIsrael
FBI: Hackers Exploiting ISIS Notoriety To Promote WordPress Hacks (Forbes) Self-described sympathisers of extremist group ISIS have hacked their way into websites to leave messages for visitors, the FBI has warned. The law enforcement agency said yesterday many sites were being attacked because of unpatched flaws in their WordPress content management systems
Russian hackers eyed in attack on White House, State Dept. (SC Magazine) Russian hackers that breached a non-classified email system at the State Department, then dallied around in the agency's network for months, used that vantage point to gain entry into some areas of the White House computer system, CNN reported Tuesday
Ratting on AlienSpy (General Dynamics Fidelis) This report is a comprehensive description of AlienSpy, a remote access trojan (RAT) with significant capabilities that is currently being used in global phishing campaigns against consumers as well as enterprises. Our goal with this paper is to provide detailed analysis of its capabilities, tie it to previous generations of RATs that have been observed over the course of many years and provide observations from recent encounters with the RAT. Further, we intend to support the broader research community with a Yara rule developed as a result of our research as well as a rich set of IOCs from campaigns that are currently operational, extending the body of knowledge around this RAT
Android Installer Hijacking Bug Used as Lure for Malware (TrendLabs Security Intelligence Blog) Mobile users became alarmed after the discovery of an Android bug that was dubbed as the "Android Installer Hijacking vulnerability." This flaw can allow cybercriminals to replace or modify legitimate apps with malicious versions that can steal information. Given the high profile nature of this discovery, we decided to search for threats that might exploit this vulnerability
How to protect from threats against USB enabled devices (Help Net Security) Reports have been circulating that e-cigarette chargers from China were corrupted and infected machines with malware. Many journalists took the story at face value, even though the only source was a single post on the
16-31 March 2015 Cyber Attacks Timeline (Hackmageddon) I am back in business after a short vacation period (now and then it happens!), just in time to publish the second Cyber Attack timeline of March (the first one is here), which confirms the growing trend we have been experiencing in 2015
Security Patches, Mitigations, and Software Updates
Snapchat blocks third-party apps from accessing its APIs (Help Net Security) Snapchat has had its fair share of data breaches and security troubles, the latest of which stemmed from the fact that the app's internal API has been reverse-engineered and is used by a number of third-party mobile apps
Windows XP — It's Not Dead Yet (TrendLabs Security Intelligence Blog) Support for Windows XP ended over a year ago. By any standard, Windows XP ranks as one of the most influential versions of Windows ever, thanks to its longevity and widespread adoption by enterprises around the world. However, the end of support should have served as a clear signpost to users and organizations to immediately upgrade to newer systems
Heartbleed a Year Later: How the Security Conversation Changed (eWeek) In the year since Heartbleed's discovery, there is more scrutiny than ever on OpenSSL and critical infrastructure overall. A year ago today (April 7), I first saw the OpenSSL advisory about a new security vulnerability identified as CVE-2014-0160 and titled "TLS heartbeat read overrun"
Experts Say Users Not To Blame for Security Breaches (CIO) Recently, IBM Security researchers took the lid off an active campaign using a variant of the Dyre banking malware. So far, the malware has swiped over $1 million from its enterprise victims
Are you prepared for dealing with a breach? (Help Net Security) RSA, The Security Division of EMC, released the results of a new global breach readiness survey that covered thirty countries and compared those global results with a survey of the Security for Business Innovation Council (SBIC), a group of top security leaders from the Global 1000
Anticipating RSA 2015 (Network World) Focus on threat detection/response, endpoints, threat intelligence, IAM, cloud, and SDN
Huawei's security warning to Botswana (IT Web Africa) International ICT technologies provider Huawei has warned companies in Botswana to acknowledge existence of cyber crime, urging companies to be proactive
A Clear and Present Danger (Trend Micro: Simply Security) Over the past 5 years there has been a dramatic modernization of Latin American criminality. Non-state actor groups have migrated online for the purposes of cybercrime; counter intelligence against law enforcement; and digital money laundering
iSIGHT Partners Acquires Critical Intelligence (Dark Reading) iSIGHT Partners, Inc., the leading provider of cyber threat intelligence for global enterprises, today announced the acquisition of Idaho-based Critical Intelligence, the leader in cyber situational awareness and threat intelligence for Industrial Control Systems (ICS) owners and operators. Under the terms of the agreement, iSIGHT Partners has acquired 100% of Critical Intelligence, a 6 year old company and pioneer in identifying vulnerabilities and threats to critical infrastructure systems, including supervisory control and data acquisition (SCADA) and other process control systems (PCS)
Cisco goes after Palo Alto/FireEye with new hardware, services (Seeking Alpha) Hoping to counter next-gen firewall leader Palo Alto Networks (PANW +2.7%), threat-prevention hardware/software leader FireEye (FEYE +4.5%), other smaller/share-gaining enterprise security firms, Cisco (CSCO +1.2%) has refreshed its ASA firewall line and rolled out new malware-protection and incident-response services
The Biggest Risks Facing FireEye Inc. (Motley Fool) Cybercrime may be one of the single biggest threats facing businesses today. With criminals looking to exploit security vulnerabilities, companies' trade secrets and customer relationships might be only one major hacking scandal away from being lost forever
2 top small-cap stocks to profit from cyber security (Motley Fool) Data security breaches seem to be in the news on a daily basis at the moment, and Symantec's latest Internet Security Threat Report confirms that cyber threats are indeed growing. There were 253 security breaches in 2013 up from 156 in 2012. Even more concerning is that a total of 552 million identities were exposed in 2013, compared to 93 million in 2012. Savvy investors will be wondering how they can profit from this alarming trend
CEO Sees CyberArk As Refuge In Sea Of Cyberattacks (Investor's Business Daily) A secure place in stormy seas. That's what Udi Mokady and co-founder Alon Cohen envisioned when they decided that CyberArk Software (NASDAQ:CYBR) was the right name for their fledgling network security firm in 1999
Secunia Appoints Security Industry Veteran to CTO Post (Secunia) Secunia, a leading provider of IT security solutions for vulnerability management, today announced the appointment of long-time security industry veteran Santeri Kangas as Chief Technology Officer. Kangas will head up the company's Product and Technology Group
Waverley Labs Appoints James A. Holtzclaw General Manager, Federal Programs (Power Engineering) Waverley Labs, a leading digital risk management (DRM) company, today announced the appointment of James A. Holtzclaw as General Manager, Federal Programs. In the new position, Holtzclaw will oversee Waverley Labs corporate federal services for digital risk management (DRM) solutions supporting the Federal Government — including the Intelligence Community (IC) and the Department of Defense (DoD)
DOSarrest External Monitoring Service Launches iOS and Android App (Sys-Con Media) DOSarrest Internet Security, a fully managed cloud based DDoS protection service, today announced that their DOSarrest External Monitoring Service (DEMS), a real-time website monitoring tool, launches a new iOS and Android application for clients. This application is a complimentary service to all DOSarrest clients who are subscribed to DOSarrest's industry leading DDoS protection service. The new mobile application on iOS and Android will allow clients to easily access and view their website(s) status and performance in real-time 24/7/365, as well as enable them to historically view all of the statistics for up to 1 year from 8 globally distributed sensors
Man in the Middle Attacks Also Threaten Mobile Security (Charon Technologies) While most typically mentioned with the security issues surrounding unsecure WiFi access points, Man in the Middle attacks can happen on almost any device and can lead to your communications being compromised. Lately, the most disconcerting Man in the Middle (MITM) attacks have been aimed at cell phones. MITM attacks against mobile phones are particularly worrisome because they result in enabling the attacker to identify an individual's location, eavesdrop on conversations, and intercept and manipulate SMS messages from the victim's phone
Mobile Call Interception is Affecting You (Charon Technologies) If your job involves security or intelligence, trade secrets, or research and development, you are a target for mobile call interception. When you use your mobile phone, either at work or in your personal life, you can't guarantee that you're actually connecting with a legitimate cell tower. While you might think your phone is connected to a secure AT&T or Verizon network, it's possible that your phone is connecting to a "rogue tower" without you knowing it — and that your calls and data are under surveillance
Thycotic Announces HSM Integration with Thales (Sys-Con Media) Thycotic, a provider of smart and effective privileged account management solutions for global organizations, today announced that its flagship solution, Secret Server, can now be used with Thales hardware security modules (HSMs)
Is Offensive Security the Future? (Tripwire) Having been the only UK person to attend, sit on a Panel and to have presented at the ISMG APT Summit in Atlanta, I have returned home refreshed, invigorated, and completely motivated by the multiple experiences I enjoyed with my US colleagues, who again demonstrated they do 'git-it' when it comes to the "cyber challenge"
Containing Security (Dark Reading) How to identify the appropriate security for your container-based virtual applications
How To Make Passwords Obsolete (InformationWeek) Why do we still rely on the human-memorized password for authentication? Here are seven alternatives worth considering
Insecure Passwords or Insecure People? (Infosecurity Magazine) For all the talk about multi-factor authentication and the mainstream adoption of biometrics, passwords are not going away. Whilst there are more secure alternatives, and other authentication methods that can be used alongside the humble password, like it or not, the password is going to be around for a long time
White House Executive Order Declares Cyber National Emergency (Threatpost) U.S. President Barack Obama last week issued an Executive Order declaring a national emergency and deputizing the Treasury Secretary and Attorney General to apply sanctions and other consequences for international actors deemed to have engaged in "cyber-enabled activities" detrimental to U.S. national security, foreign policy, economic health or financial stability
Obama's War On Hackers (Dark Reading) Cybersecurity legislation, for the most part, is a good idea. But not without protections for bug bounty programs and other vital, proactive security research
Talking About Section 215: A Readers' Guide (Just Security) Media coverage of John Oliver's critique about the lack of discussion surrounding government surveillance programs seems to prove his point. Much, if not most, of the attention given to Sunday night's episode of Last Week Tonight has focused on Oliver's interview with Edward Snowden instead of focusing on the fact that the law governing one of the most heavily-criticized surveillance programs is up for potential reauthorization in less than two months. We're talking about Section 215 of the Patriot Act, the provision allowing the NSA to collect vast quantities of Americans' phone records
Navy to launch new cyber strategy (C4ISR & Networks) The Navy's cyber component will soon release a new cyber strategy that centers on five key goals for modernizing the service's cyber operations, according to a top Navy official
Has the U.S. lost technological supremacy? (C4ISR & Networks) Technology in general and digital technology specifically has impacted every aspect of our daily lives. Our dependency on it will only grow as we move toward 2020. Let's face it: Our nation's economic well-being and national security are substantially dependent upon digital technology. That's what makes the following figures so troubling
DOD's IPv6 transition lags (FCW) The Department of Defense first laid out plans to convert its network to the Internet Protocol Version 6 standard in 2003. While DoD has hit several milestones along the way, a lack of a coordinated effort on the part of the CIO office and U.S. Cyber Command prevented an enterprise-wide switchover, according to a recently declassified inspector general report
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
10th Annual Cyber and Information Security Research Conference (Oak Ridge, Tennessee, USA, April 7 - 9, 2015) Cyberspace is fundamental to our national prosperity, as it has become critical to commerce, research, education, and government. Realizing the benefits of this shared environment requires that we are...
Cyber Risk Wednesday: The future of Iranian cyber threat (Washington, DC, USA, April 8, 2015) Join the Atlantic Council's Cyber Statecraft Initiative on April 8, from 4:00 p.m. to 5:30 p.m. for a panel discussion on the Iranian cyber threat and the potential for a drastic escalation of cyber conflicts...
Cyber Threats Masterclass (Turin, Italy, April 9 - 11, 2015) The United Nations Interregional Crime and Justice Research Institute (UNICRI) is organizing two new courses on emerging threats towards states and citizens with the aim of promoting an in-depth knowledge...
InfoSec Southwest 2015 (Austin, Texas, USA, April 10 - 12, 2015) InfoSec Southwest is an annual information security and hacking conference held in Austin, Texas, one of the most interesting and beautiful cities in the United States. By addressing a broad scope of subject-matter,...
NIST IT Security Day (Gaithersburg, Maryland, USA, April 8, 2014) The Office of the Chief Information Officer, OCIO, is hosting NIST IT Security Day as a means to heighten awareness for all NIST users on the many aspects of operational information technology security...
Cybergamut Tech Tuesday: Tor and the Deep Dark Web (Elkridge, Maryland, USA, April 14, 2015) This talk will explore the use of Tor and how it relates to garnering useful intelligence. Distinguishing attribution or valuable intelligence from limited event data is difficult. Leveraging external...
Cyber Security Summit: Industrial Sector & Governments (Prague, Czech Republic, April 14 - 15, 2015) Cyber Security Summit Europe — Industrial Sector & Governments brings together cyber security experts who will share their skills and know-how needed to address highly topical issues such as state-sponsored...
Cyber Security Summit: Financial Services (Prague, Czech Republic, April 14 - 15, 2015) Cyber Security Summit Europe — Financial Services brings together cyber security experts across the financial sector to discuss topical security vulnerabilities as well as bring forward effective...
INTERPOL World 2015 (Singapore, April 14 - 16, 2015) INTERPOL World is a new biennial international security trade event which will bring police and other law enforcement agencies together with security solution providers and security professionals from...
Mid-Atlantic ISSA Security Conference 2015 (Gaithersburg, Maryland, USA, April 15, 2015) Meeting at the NIST campus, this all-day event, jointly hosted by the ISSA Baltimore, DC, and Northern Virginia chapters, will have 3 concurrent tracks of security professionals discussing the current...
IIT Cyber Forensics and Security Conference and Expo (Wheaton, Illinois, USA, April 17, 2015) All are invited to participate in this multi-track, technical conference that attracts more than 200 professionals, 50 speakers, 20 sponsors, for an intensive one and a half day schedule that includes...
RSA Conference 2015 (San Francisco, California, USA, April 20 - 24, 2015) Don't miss this opportunity to join thousands of industry professionals at the premier information security event of 2015
Australian Cyber Security Centre Conference (Canberra, Australia, April 22 - 23, 2015) The Australian Cyber Security Centre (ACSC) will be hosting its first cyber security conference in 2015. We are bringing leading cyber security experts from Australia and abroad to share their expertise.
Security Forum 2015 (Hagenberg im Mühlkreis, Austria, April 22 - 23, 2015) The Security Forum is the annual IT security conference in Hagenberg that addresses current issues in this domain. Visitors are offered technical as well as management-oriented talks by representatives...
CyberTexas / CyberIOT (San Antonio, Texas, USA, April 23 - 24, 2015) CyberIOT — Securing the Internet of Things. As more everyday devices become connected to the internet, the need for securing those items becomes critical. CyberTexas will explore the intersection...
INTEROP Las Vegas (Las Vegas, Nevada, USA, April 27 - May 1, 2015) Attend Interop Las Vegas, the leading independent technology conference and expo designed to inspire, inform, and connect the world's IT community. In 2015, look for all new programs, networking opportunities,...
2015 Synergy Forum (Tysons Corner, Virginia, USA, April 30, 2015) The 2015 Synergy Forum brings together government and industry practitioners driving our collective technology futures. This event is multi-disciplinary, examining the emerging fusion of physical and digital...