Marketers look at why people join ISIS/Daesh, and their findings aren't too surprising: recruits want status, identity, revenge, redemption, responsibility, thrills, ideological triumph, justice, or death (roughly in that order). And those motives shape Daesh information operations.
An unusual DDoS amplification attack last week on the thirteen Internet root name servers, now disclosed and under discussion, puzzles observers. How it was carried out isn't too mysterious (probably through a large botnet), but why it was undertaken remains unknown. Few users would have noticed the attack, but Root Server Operations certainly did.
Bugsec and Cynet describe a vulnerability (they're calling it "FireStorm") in next-generation firewalls. It appears to enable an attacker to extract data through the firewall with only a TCP handshake.
Several companies, mostly in the travel or tourism business, are "scrambling" to encrypt the mobile apps their customers used for payment. Reports suggest that as many as half-a-million people a day have been losing their credit card information.
Singapore banks warn that a bogus WhatsApp update is stealing paycard information.
British universities are still working to mitigate the DDoS attack that's been interfering with their Janet network.
Chinese authorities defend censorship as international talks on Internet governance approach.
Passcode looks at Iran's cyber operational capabilities and sees long-term preparation for asymmetric warfare. Politico looks at corresponding American capabilities, thinks they're really good, and wonders when the Americans are going to start really using them.
Governments in Europe and North America show uneasy tension between aspirations for security and surveillance.
Today's issue includes events affecting Australia, China, European Union, Iran, Iraq, Japan, Democratic People's Republic of Korea, Republic of Korea, Nigeria, Singapore, South Africa, Syria, United Kingdom, United Nations, United States.
Events of 2015-11-30 (Root Server Operations) On November 30, 2015 and December 1, 2015, over two separate intervals, several of the Internet Domain Name System's root name servers received a high rate of queries. This report explains the nature and impact of the incident
FireStorm: Severe Security Flaw Discovered in Next Generation Firewalls (Bugsec Blog) BugSec Group and Cynet discovered a severe vulnerability in Next Generation Firewalls. Head of Offensive Security Stas Volfus uncovered the vulnerability, code-named FireStorm, which allows an internal entity or malicious code to interact and extract data out of the organization, completely bypassing the firewall limitation. It was discovered that the firewalls are designed to permit full TCP handshake regardless of the packet destination
Airline Customers' Data Exposed by HTTPS Hole — Report (Infosecurity Magazine) Serious security holes have been found in the mobile sites and apps of several big name airline and rail companies, exposing payment data and sensitive personally identifiable information (PII)
Watch out for malware disguised as unpaid invoices! (Hot for Security) Once again email users are being warned to be wary of unsolicited attachments arriving in their inboxes after online criminals spammed out a malware campaign designed to infect recipients' computers
Cyber attackers using bitcoin, despite traceability (CNBC) It's been used for illicit dark web drug deals, it may well be the future of banking, and it's driving speculators on a wild ride — bitcoin is many things to many people. For an increasing number, however, the cryptocurrency is a tool for extortion
Security Patches, Mitigations, and Software Updates
SAP Security Notes December 2015 — Review (ERPScan) SAP has released the monthly critical patch update for December 2015. This patch update closes 26 vulnerabilities in SAP products (19 Patch Day Security Notes and 7 Support Package Security notes), 16 of which are high priority
US named 'least trusted' nation on data privacy, data security (FierceBigData) According to a just released Ovum survey [reg. req.], a global technology research and advisory firm, conducted on behalf of SaaS provider Intralinks, the U.S. is the "least-trusted nation" in regards to data privacy and secure data storage practices
Retailers are unaware of sensitive data leaks (Help Net Security) A significant amount of retailers assign the same login credentials to employees and do not know if employees have leaked sensitive data — in spite of the majority claiming full confidence that their sensitive information is sufficiently protected
Cyber Risk to Healthcare Sector Continues to Grow, FBI Says (Health Data Management) Hackers are targeting the healthcare industry because of the abundance of personally identifiable information and protected health information, as well as inherent cybersecurity vulnerabilities, and the trend will continue to grow
Opinion: When it comes to privacy, youth sports strike out (Christian Science Monitor Passcode) Youth sports teams collect lots of personal information about kids — addresses, photos, birthdays — but often don't do a good job of protecting the data. Parents can change that by trying to ensure leagues properly collect, store, and eventually delete young players' details
L-3 Communications (LLL) to Shed NSS Business for $550M (Zacks) Aerospace and defense company L-3 Communications Holdings Inc. (LLL – Analyst Report) announced that it has signed a definitive agreement to sell its National Security Solutions ("NSS") business to CACI International Inc. (CACI – Analyst Report) for $550 million in cash
Another Cybersecurity Firm Looks To Go Public (PYMNTS) Bloomberg Business is reporting that Blue Coat Systems has been taking pitches from investment banks for an initial public offering. This comes just nine months after the Internet security provider was acquired by private equity firm Bain Capital Partners LLC
Illumio's PJ Kirner Named an Innovator of the Year (MarketWired) Illumio CTO and founder PJ Kirner has been named a silver winner in the Innovator of the Year category by Best in Biz Awards, the only independent business awards program judged by members of the press and industry analysts
Products, Services, and Solutions
RiskIQ Makes Facebook Threat Intelligence Accessible to Security Researchers (VAR Guy) Security and visibility and intelligence provider RiskIQ has integrated its PassiveTotal threat analytics platform with Facebook's threat intelligence sharing platform, giving its customers broader access to data that could help them prevent and protect against Internet security threats and improve their overall security posture, the company said
Turn the Cyber Kill Chain against your attacker (Help Net Security) As businesses move to the cloud, the rapid adoption of Infrastructure as a Service (IaaS) is no surprise. Unfortunately, securing the cloud and the data within it is no easy task
IT Support to Ensure Data Security is Vital (Information Security Buzz) Even with the increase of awareness and development of sophisticated technology used to counter these attacks, hackers still manage to find their way into confidential data
Thinking outside the product box (CSO) The dynamic nature of the cyber threat landscape guarantees that the threats and the actors behind them are always evolving, increasing in sophistication in order to circumvent the most robust security devices
New CSUF center elevates cybersecurity studies (Orange County Register) When a stranger is at your door, do you casually step aside and allow them to enter your home without knowing anything about them or their reason for visiting?
Bull in a china shop approach to fighting bane of cyber crime (Times Live) As it did with the infamous "Secrecy Bill", which criminalises journalists and whistle-blowers for possessing and disseminating state information, the government has adopted a hopelessly broad and overzealous approach in its attempt to combat the growing scourge of cyber crime
The Imperatives of Cyber Security (This Day Live) Given the new dimension of global cyber attacks, Emma Okonji writes on the need for Nigeria to align with the rest of the world to address insecurity in cyberspace
America's secret arsenal (Politico) It's one of the biggest secrets in the government: The U.S. has the most powerful cyberweapons on Earth. So what are they? And when will we use them?
Cleaning Up U.S. Cyberspace (Council on Foreign Relations) The U.S. government's effort to persuade other countries to adopt norms of responsibility for cyberspace faces a significant obstacle: computers located in the United States host much of the malicious software used to carry out cyberattacks
Bill requiring reporting of social media terrorist content is back (Naked Security) A pledge of allegiance to the Islamic State (IS) — otherwise known as Daesh — that might have been posted to Facebook by suspected terrorist Tashfeen Malik has prompted US lawmakers to revive a bill that would require technology companies such as Facebook and Twitter to report suspected online terror activity
White House reviewing cyber compromise (The Hill) The White House is reviewing a near-final draft of major cybersecurity legislation that would encourage companies to share more data on hackers with the government, according to multiple people with direct knowledge of the negotiations
Security pro urges prez candidates to prioritize cybersecurity (SC Magazine) Although the overflow of rhetoric early in the political season has left very little room for numerous issues in the runup to next year's presidential election, Bit9+Carbon Black Chief Security Strategist Ben Johnson is hoping to raise the profile of cybersecurity and put it on candidates' docket in time for the next debate
Air Force activates five new cyber squadrons (Defense Systems) The Air Force is putting its expanding cyber workforce in place, with the service's cyber wing announcing that several new cyber groups were activated at the beginning of the month
Wyndham settles U.S. data breach charges, in an FTC first (Reuters) The Federal Trade Commission has settled a lawsuit accusing hotel group Wyndham Worldwide Corp (WYN.N) of failing to properly safeguard customer information, in a case arising from three data breaches affecting more than 619,000 customers
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Program on Cyber Security Studies (PCSS) (Garmisch-Partenkirchen, Germany, December 2 - 17, 2015) The Marshall Center has developed a comprehensive program to explore the increasing domestic, international and transnational challenges in cyber security. Our goal is to provide a comprehensive, policy-focused,...
ACSAC (Annual Computer Security Applications Conference) (Los Angeles, California, USA, December 7 - 11, 2015) ACSAC is one of the most important cyber security conferences in the world, and the oldest information security conference held annually. Researchers, government representatives, academia and security...
SANS Institute: Information Security Training (Las Vegas, Nevada, USA, September 12 - 21, 2015) Information security training in Las Vegas from SANS Institute, the global leader in information security training. At SANS Network Security 2015, SANS offers more than 40 hands-on, immersion-style security...
cyberSecure (New York, New York, USA, December 15 - 16, 2015) Today's business leaders recognize that a multi-disciplinary approach is critical to protecting the bottom line. What's too often missed is a vision that incorporates best practices that allow you add...