ISIS "hacking" raises hackles in the US and (more so) in Australia, as the soi-disant Caliphate's sympathizers dox military members and others. US Defense sources think the personal information released — email addresses, passwords, etc. — is out-of-date and unlikely to be useful, but authorities in both countries are watching the situation. ISIS-watchers note the significance of October 15, the date of ISIS's supersession of al Qaeda in Iraq, for possible attack planning. (French security services also warn of a heightened ISIS threat this weekend — Saturday's Feast of the Assumption, a Christian holy day, is occasioning some jihadist chatter.)
US-CERT warns of a Lenovo Service Engine BIOS vulnerability and urges mitigation; observers see the issue arising from bloatware. Salesforce, Cisco, SAP, and Docker also address potential security issues. One of Microsoft's patches this month addresses a USB infection vector.
Oracle's recent invective against reverse engineering (quickly taken down, but the Internet remembers) receives the sort of industry response one would expect.
Those of you whose interactions with the criminal justice system have been less than fully successful will find news you can use in the proof-of-concept disabling and removal of a court-ordered tracking bracelet.
Industry observers look at threat intelligence and find it wanting: too much glare of war. TruSTAR gives Dark Reading its take on the operational, regulatory, and technical implications of intelligence sharing.
US companies tell the President they want him to do something about Chinese industrial espionage. The US Congress plans a cyber legislative push upon returning from recess.
Today's issue includes events affecting Australia, China, Cyprus, France, Guatemala, India, Indonesia, Iran, Iraq, Kazakhstan, Malta, Peru, Romania, Russia, Syria, Thailand, Ukraine, United Kingdom, United States, Uzbekistan, and Vietnam.
Cyber Attacks, Threats, and Vulnerabilities
Australians exposed in I.S. cyber attack(Sky News) The details of a Victorian MP, NSW public servants and defence force workers and their relatives have been published by hackers claiming to be from Islamic State, Fairfax Media reports
Tinba Trojan Sets Its Sights on Romania(IBM Security Intelligence) While Romania is widely suspected of being home to a large amount of cybercriminals — even with one city dubbed by some as "Hackerville" — we seldom see it targeted by those who attack Western countries
VOIP Fraud: Brute Force & Ignorance(Team Cymru) The topic of VoIP fraud seems to ebb and flow within the IT-industry press, but struggle to break the surface of mainstream media. Specialist publications report flaws in commonly-used home routers and widespread campaigns against corporate VoIP PBXes while these stories bypass the general public completely
Yes Virginia, Stored XSS's Do Exist!(Internet Storm Center) When you go through website security, Cross Site Scripting (XSS) is almost always discussed. Almost exclusively, Reflected XSS is the main topic, and it almost always covers the lion's share of the demonstrations and vulnerabilities found. Mainly because Stored or Persistent XSS is harder to find
Scammers exploit mobile ads for easy profit(Help Net Security) Pop-up ads targeting mobile device users are, arguably, one of the most annoying things in existence. But did you know that they could also make you inadvertently spend small amounts of money for effectively accessing a website you never wanted to visit in the first place?
Would you click on this?(Graham Cluley) I've received an email, apparently from a PR agency based in San Francisco. The PR agency is real, with real clients, and real offices. But the email is bogus
How to disable a car's brakes just by sending an SMS(Hot for Security) Last month, security researchers grabbed the headlines dramatically by demonstrating how they had found a way to remotely hack into a Jeep as it drove down the highway at 70mph, mess with its controls, and cut its engine. Car manufacturer Chrysler was compelled to recall 1.4 million cars for a security update in response
Security Patches, Mitigations, and Software Updates
Salesforce Closes Door to Hack Attacks(Top Tech News) An injection vulnerability that could have opened the door to hackers has been patched by Salesforce after security researchers notified the company of their discovery. The vulnerability, which existed in a subdomain of the Salesforce.com cloud-based CRM platform, could have paved the way for phishing e-mails that looked legitimate because they would have appeared to come from within the application itself
Lenovo Service Engine (LSE) BIOS Vulnerability(US-CERT) Certain Lenovo personal computers contain a vulnerability in LSE (a Lenovo BIOS feature). Exploitation of this vulnerability may allow a remote attacker to take control of an affected system
Evolution in Attacks Against Cisco IOS Software Platforms(Cisco) Cisco PSIRT has contacted customers to describe an evolution in attacks against Cisco IOS Classic platforms. Cisco has observed a limited number of cases where attackers, after gaining administrative or physical access to a Cisco IOS device, replaced the Cisco IOS ROMMON (IOS bootstrap) with a malicious ROMMON image
SAP Security Patch Day — August 2015(SAP Community Network) This post by SAP Product Security Response Team shares information on Patch Day Security Notes* that are released on second Tuesday of every month and fix vulnerabilities discovered in SAP products. SAP strongly recommends that the customer visit the Support Portal and apply patches on a priority to protect his SAP landscape
SAP Security Notes August 2015(ERPScan) SAP has released the monthly critical patch update for August 2015. This patch update closes 22 vulnerabilities in SAP products, 15 have high priority, some of them belong to the SAP HANA security area. The most popular vulnerability is Cross Site Scripting (XSS). This month, three critical vulnerabilities found by ERPScan researchers Dmitry Chastuhin, Vahagn Vardanyan, Roman Bejan were closed
Momentum Builds for Killing Flash(Infosecurity Magazine) What is the source of the greatest security risk facing companies and individuals today? A recent survey suggests that it's those gadgets and various screens with which we spend an inordinate amount of time — followed by one main software piece: Adobe Flash
Revisiting takedown wins: Are users in the developing world getting left behind?(Help Net Security) We have all seen the headlines: another botnet dismantled, and we can all rest easy that the threat that has been plaguing us for all those years is now no longer an issue. After the headlines, however, the hardest task begins — a task that garners no headlines and really typifies the challenge that all of us within the information security industry face
Looks like mobile device security is on nobody's mind(Help Net Security) Despite recent high-profile data theft attacks, much of the American workforce has not taken action to protect information on their personal and corporate-issued devices. Citrix found that the majority of people have not installed security software on personal devices, strengthened their Wi-Fi password or changed their passwords more frequently
4 Cyber Security Stocks that Posted Solid Q2 Earnings(Nasdaq) The second-quarter earnings season is almost over with less than 10% of the companies left to report their results. In the broader technology sector, cyber security stocks stole the show as most of the players beat our earnings and revenue estimates, and issued upbeat guidance
Insider Buys Are Telling Something: A10 Networks Inc (NYSE:ATEN), Apollo Investment Corp. (NASDAQ:AINV), AmerisourceBergen Corp. (NYSE:ABC)(Wall Street Point) Insider Trading is the buying or selling of a security by someone who has access to material, nonpublic information about the security. Insider trading is legal once the material information has been made public, at which time the insider has no direct advantage over other investors. The SEC, however, still requires all insiders to report all their transactions. So, as insiders have an insight into the workings of their company, it may be wise for an investor to look at these reports to see how insiders are legally trading their stock
Cisco CEO: Cybersecurity acquisitions are coming(CNBC) Networking giant Cisco Systems reported its first quarter with CEO Chuck Robbins at the helm, since the retirement of long-time CEO John Chambers. And while the stock has been stalled recently, Jim Cramer thinks that the company is moving in the right direction
Why Oracle CSO attempt to shoot the messenger is misguided(CSO) Mary Ann Davidson, CSO of Oracle, unleashed a firestorm of controversy this week thanks to a misguided and ill-advised blog post. Davidson ranted about customers doing independent vulnerability scans to detect flaws in Oracle code and stressed that any poking around in the Oracle code is a violation of the licensing terms of service
Facebook Awards $100,000 for New Class of Vulnerabilities and Detection Tool(Threatpost) Facebook tonight awarded a $100,000 prize to a team of Georgia Tech researchers who found a new class of browser-based memory-corruption vulnerabilities and built a corresponding detection technique. The award brings the social media giant on par with Microsoft and its six-figure payouts for mitigation bypasses and new defensive techniques for those bypasses
BlackBerry Joins the National Cyber Security Alliance (NCSA)(MarketWatch) The National Cyber Security Alliance (NCSA), a nonprofit public-private partnership focused on helping all digital citizens stay safer and more secure online, today announced that BlackBerry Corporation, a global leader in mobile communications, has joined the organization
SAP Security Awareness: vulnerabilities are changing the SAP Security market(ERPScan) SAP Security Awareness is constantly growing. First of all, at the BlackHat's Pwnie Awards, on August 6, a vulnerability in the SAP Compression algorithm won the first prize for Best Server-Side vulnerability. This is the second time an SAP vulnerability has been highlighted in the Pwnie awards. In 2013, the vulnerability in SAP Router identified by ERPScan's Researcher was nominated for best server-side vulnerability
Putting Hardware Hacking on the OEM Radar(EBN) In a world with an increasingly complex security landscape, hacking has gone well beyond corporate web sites and consumer's computers. More than ever before electronics OEMs need to be aware of the complex and multinational nature of hardware hacking, and plan their supply chain accordingly
Fortinet introduces new cloud-managed WLAN access points(FierceEnterpriseCommunications) Fortinet launched a new series of wireless LAN access points that are managed by its FortiCloud management system. The new FortiAP-S series of APs are being touted as secure Wi-Fi APs with Fortinet's cybersecurity technology running right on them
DISA evaluates SDN to guard mission-critical networks(C4ISR & Networks) The network is mission critical for members of the defense and intelligence communities. Software-defined networking (SDN), an emerging technology that brings the application and network layers closer together to create an entirely new architecture, is fundamentally changing the way networks are built and configured
ERM: Discussing Fatness of Tails in Risk Models(WillisWire) Most decision makers are familiar with the statistical average and standard deviation measures. But risk management typically focuses on unlikely "tail" events. The financial crisis helped popularize the term "fat tails" to represent the idea that these extreme events are more likely than we might have believed. To move beyond "thin tailed" models, we need a way to describe the fatness of the tail
Hacker Disables House Arrest Ankle Bracelet(Softpedia) William Turner presented a talk at the DEF CON 2015 security conference in Las Vegas, detailing a method through which ankle tracking bracelets used by police forces around the globe can be disabled and allow criminals to get away
DoD's Cyber Perfect Storm: The Growing Threat Meets The Evolving Network(Lexington Institute) Yesterday's report that the Department of Defense had to shut down the Joint Chiefs of Staff's unclassified e-mail system should come as no surprise to anyone. DoD networks are under continuous attack, 250,000 a day by some estimates, ranging from curious teens to the advanced persistent threat and malicious insiders
It's time to break down the regulation barriers to cloud adoption(CloudTech) There is no doubt that cloud computing has now achieved mainstream deployment in the UK. Recent research from the Cloud Industry Forum (CIF) found that some 78% of UK organisations have adopted at least one cloud based service, an increase of 15% over previous figures. More telling is that turning to the cloud is now not just the reserve of large blue-chip organisations, with 75% of SMEs also embracing cloud technology
Litigation, Investigation, and Law Enforcement
SEC charges 32 in press release hacking, stock trading scheme(CSO) Indictments unsealed Tuesday in the district courts for New Jersey and Eastern New York accused the DOJ defendants of stealing approximately 150,000 confidential press releases from the servers of Marketwired, PR Newswire Association and Business Wire
SEC's Catching of PR Hackers is a Compelling Story(Equities) For any of you who have written or issued confidential press releases, there is always that moment where you observed how easy it would be to access this information and how little security there was protecting this information
Bitcoin's Dark Side Could Get Darker(Technology Review) Investors see riches in a cryptography-enabled technology called smart contracts — but it could also offer much to criminals
N.S.A. Used Phone Records Program to Seek Iran Operatives(New York Times) The National Security Agency has used its bulk domestic phone records program to search for operatives from the government of Iran and "associated terrorist organizations" — not just Al Qaeda and its allies — according to a document obtained by The New York Times
'Top Secret' emails found as Clinton probe expands to key aides(McClatchy) As pressure builds on Hillary Clinton to explain her official use of personal email while serving as secretary of state, she faced new complications Tuesday. It was disclosed her top aides are being drawn into a burgeoning federal inquiry and that two emails on her private account have been classified as "Top Secret"
Why Hillary's email server is important(Graham Cluley) US Presidential candidate Hillary Clinton has found herself the subject of an investigation into emails that she sent from a personal mail server — clintonemail.com — while she was Secretary of State
Report: John Brennan drafted apology to senators for CIA hacking(Politico) Last July, CIA Director John Brennan nearly apologized to Senate Intelligence Committee Chairwoman Dianne Feinstein (D-Calif.) and ranking member Saxby Chambliss (R-Ga.) in a letter for the CIA’s hacking into the computer network of committee staffers
Crackdowns Haven't Stopped the Dark Web's $100M Yearly Drug Sales(Wired) After more than four years and two giant law enforcement busts, the Dark Web's drug market is still just as robust as it was during the Silk Road’s heyday. In fact, according to a new study, it's now moving well over $100 million of illegal substances a year, and it's recovering from every new scam-induced setback and government crackdown faster than the last one
Man calls police 'slackers' on Facebook, falls foul of Spain's new 'gag law'(Naked Security) Protesters involved in Spain's anti-austerity movement have tried to prevent housing evictions, taped over their mouths, projected holograms of virtual protesters on the portico of the main Parliament building, and climbed atop a construction crane to hold up a sign protesting the country's new gag law, which specifically prohibits protesters from scaling buildings or monuments without permission
New FBI-DOD Biometric Center Will Help Combat Threat of Terrorism(FBI) This week, the FBI dedicated its new 360,000-square-foot Biometric Technology Center (BTC), located on the campus of our Criminal Justice Information Services (CJIS) Division in Clarksburg, West Virginia. The BTC, an enhancement of the ongoing collaboration between the FBI's Biometric Center of Excellence and the Department of Defense's Forensics and Biometrics Agency, will — once fully operational — encourage even more joint biometric investigations, along with additional research and development
Facial Recognition Software Moves From Overseas Wars to Local Police(New York Times) Facial recognition software, which American military and intelligence agencies used for years in Iraq and Afghanistan to identify potential terrorists, is being eagerly adopted by dozens of police departments around the country to pursue drug dealers, prostitutes and other conventional criminal suspects. But because it is being used with few guidelines and with little oversight or public disclosure, it is raising questions of privacy and concerns about potential misuse
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
USENIX Security(Washington, D.C., USA, August 12 - 14, 2015) The USENIX Security Symposium reunites researchers, practitioners, system administrators, system programmers, and other specialists interested in the latest advances in the security and privacy of computer...
5th Annual Cyber Security Training & Technology Forum (CSTTF)(Colorado Springs, Colorado, USA, August 19 - 20, 2015) The Information Systems Security Association (ISSA) Colorado Springs Chapter and FBC, Inc. will once again co-host the 5th Annual Cyber Security Training & Technology Forum (CSTTF). CSTTF 2015 will bring...
Decepticon 2015(Cambridge, England, UK, August 24 - 26, 2015) Decepticon brings together researchers and practitioners in the detection and prevention of deception. Previously, deception research has been fragmented across conferences in many different disciplines,...
AFCEA OKC Technology & Cyber Security Day(Oklahoma City, Oklahoma, USA, August 27, 2015) FBC and the Armed Forces Communications & Electronics Association (AFCEA) Oklahoma City Chapter will be partnering once again to host the annual Technology Day & "Scholarship" Golf Tournament at Tinker...
Power Grid Cyber Security Exchange 2015(San Diego, California, USA, August 30 - September 1, 2015) The Power Grid Cyber Security Exchange will take a deep dive into the cyber security strategies, innovative approaches and strategic planning necessary to balance the competing priorities of today's technology...
2015 HTCIA International Conference & Training Expo(Orlando, Florida, USA, August 30 - September 2, 2015) Bringing together experts from all over the world to share their latest research and techniques related to cybersecurity, incident response and computer forensics
ICFP 2015(Vancouver, British Columbia, Canada, August 31 - September 2, 2015) ICFP 2015 provides a forum for researchers and developers to hear about the latest work on the design, implementations, principles, and uses of functional programming. The conference covers the entire...