Daily briefing.

AFP reports that, after realizing considerable information operations success online, Islamist groups are now beginning to shy away from the Internet, fearing that intelligence services are using it as a tool against jihad.

FireEye offers an account of the Syrian civil war's cyber antagonists. (Note the reappearance of traditional espionage tradecraft.)

More warnings of cyber attacks on critical infrastructure appear, and Tripwire at least thinks these amount to more than the usual FUD background noise.

Fresh ransomware campaigns circulate in the wild, some targeting mobile devices.

Over 100,000 Facebook users have been reportedly infected with malware in the past few days — observers of the campaign suggest those responsible used video and tags to facilitate their attacks.

Atlassian resets some HipChat passwords after observing "suspicious activity."

Pirate Bay returns from suspension, and security analysts warn that the service comes freighted with risk.

Denial-of-service attacks often look like something done just for the lulz (see, for example, the recent Taylor Swift capers) but Nexusguard thinks such apparent coup-counting may actually be DDoS-for-hire marketing ploys.

Cyber security received its fair share of attention at Davos, but at least one authority, the City of London Police commissioner, advances the gloomy view that it will take a catastrophic attack on a major multi-national firm to motivate real improvements in security.

As more industry voices call for recognizing cyber attacks as "war," various governments look to their tactics. The UK is said to be considering Orde Wingate's WWII Chindits as a model for a cyber force.

Notes.

Today's issue includes events affecting China, Colombia, France, Germany, Iraq, Malaysia, Pakistan, Sweden, Syria, United Kingdom, United States.

Cyber Attacks, Threats, and Vulnerabilities

Jihadists Increasingly Wary of Internet, Experts Say (AFP via SecurityWeek) After having used the Internet profusely for propaganda and recruitment, jihadist organizations have realized that investigators are gleaning crucial information online and are increasingly concealing their web presence, experts say

Behind the Syrian Conflict's Digital Frontlines (FireEye Blog) Cyber espionage is traditionally understood as a method aimed at achieving an information edge or a strategic goal. However, our research on malware activity related to the ongoing conflict in Syria indicates that such operations can provide actionable military intelligence for an immediate battlefield advantage

Femmes fatales steal Syrian opposition's Skype chats and military plans (Graham Cluley) Danger! Beware seductive women who contact you on Skype! Particularly, if you are working for opposition forces in Syria

Cyberterrorists' Attack on Critical Infrastructure Could Be Imminent (Tripwire: the State of Security) The premise of a January 27, 2015, article by CNBC is that there is good evidence that a cyber attack against nearly any country's critical infrastructure could be imminent. This kind of reporting has become so commonplace, but this doesn't seem like just more FUD (fear, uncertainty, and doubt) journalism

Critical Infrastructure Vulnerable to Cyber Attacks, Experts Warn (NBC Bay Area) "Project Aurora" proved that infrastructure can be physically destroyed through cyber attacks

"RansomWeb": the new attack vector which encrypts website databases (TechWorm) Researchers from High-Tech Bridge have released research on how cyber criminals are encrypting website databases and holding them for ransom with "RansomWeb"

Beware of malware on smartphones (Asia One) The new malware that infects and locks computer data until a ransom is paid can just as easily infect smartphones, warned CyberSecurity Malaysia

Outlook for iOS does security STUPIDLY, says dev (Register) Creds stored in cloud, delete button busted

Malware uses video and tags to infect 100,000 people on Facebook (CSO) 110,000 Facebook users said to have been infected within days

Zero-day exploit affects modem/router combo (Kim Komando) If you're a DSL customer and use a D-Link DSL-2740R model, then you're vulnerable to a proof-of-concept discovered by Bulgarian security researcher Todor Donev. The attack allows hackers to bypass the router's security and hijack Web traffic

ZeroAccess click fraud botnet coughs back to life (Naked Security) The infamous ZeroAccess botnet is back in the news again

Atlassian resets HipChat passwords after 'suspicious' activity (IDG via CSO) Atlassian has reset the passwords for some users of its HipChat messaging application after personal data and email addresses were accessed, the company said Saturday

Pirate Bay relaunch will expose users to 'serious security risks' (International Business Times) Notorious file-sharing site The Pirate Bay is set to return on Sunday (1 February, 2015) following more than six weeks of down time, prompting security experts to warn of the "significant security risks" faced by users

Pirate Bay back online after Swedish raid (Telegraph) The Pirate Bay is back, seven weeks after a raid by Swedish police knocked it offline

Latest Lizard Squad Twitter hack illustrates the lucrative potential of DDoS attacks (ITProPortal) Bill Barry, executive vice president, Nexusguard, has prepared a comment in light of the recent Lizard Squad hack on Taylor Swift's Twitter account

Nearly half of all DDoS attacks use multiple attack vectors (Help Net Security) Akamai released a new security report that provides analysis and insight into the global attack threat landscape including DDoS attacks

Baby monitor hijacked; change default password urges Foscam (Naked Security) A nanny was spooked on Monday by a cyber creep peeping in on her via a baby monitor while she changed a baby's diaper

Animal shelter works to raise thousands of dollars after cyber-attack (WPTZ) A Vermont humane society falls victim to massive malware attack

Bulletin (SB15-033) Vulnerability Summary for the Week of January 26, 2015 (US-CERT) The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information

Security Patches, Mitigations, and Software Updates

Microsoft Upgrades Azure SQL Database Service (InformationWeek) Microsoft cloud-database service nears parity with on-premises Microsoft SQL Server with support for larger databases and in-memory performance

Did your BMW just download a security patch? (Graham Cluley) Luxury car manufacturer BMW has rolled out a patch for a security flaw that could have allowed hackers to open the doors of some 2.2 million vehicles

Verizon Wireless to Allow Complete Opt Out of Mobile 'Supercookies' (New York Times) Verizon Wireless, which has been under fire by privacy advocates since late last year, has decided to make a major revision to its mobile ad-targeting program

Cyber Trends

Cybersecurity Concerns Seize Center Stage in Davos (SecurityWeek) If there were any lingering doubts that cybersecurity is a geopolitical issue with global implications, such opinions were cast on the rocks by discussions this past week at the 2015 World Economic Forum in Davos, Switzerland

Only fall of global firm will shake up cyber security (ComputerWeekly) It will take a major global company going down in the wake of a cyber attack to really shake up information security, according to City of London Police commissioner Adrian Leppard

Cyber Crime Economics (NoJitter) The longer a company goes without experiencing an attack, the more complacent it becomes and less likely to adhere to proper security procedures

Do government initiatives increase security awareness? (Help Net Security) New research, by SecureData and Vanson Bourne, investigated the impact government security initiatives had on end-user organizations in 2014, with nearly half (47%) reporting that initiatives have helped them communicate the importance of security across their organization

Time for industry and business to rethink the electronic battlefield (CSO) Over the past two decades, industrialised nations have been systematically pillaged by enterprising nations and criminal organisations that had the foresight to see the opportunities of governments, business, industry and people around the world rushing to connect to the Internet

2015 In Cybersecurity: Sadly, Another Bumpy Year is Ahead (TechZone 360) Unfortunately, 2014 was another "good" year for cyberattacks that siphoned billions of dollars in global economic productivity into criminal hands

Top 3 surprising results from the 2015 Vormetric Insider Threat Report (Sys-Con Media) We had a couple of surprising findings come up in the data for the 2015 Vormetric Insider Threat report this year and I thought I'd highlight my top three here

What IT workplace issues keep CIOs awake at night? (Help Net Security) What worries chief information officers (CIOs) and IT professionals the most? According to a recent survey by Sungard AS, downtime and talent acquisition weigh heaviest on their minds

How The Skills Shortage Is Killing Defense in Depth (Dark Reading) It used to be easy to sell specialized security gizmos but these days when a point product gets pitched to a CSO, the response is likely "looks nifty, but I don't have the staff to deploy it"

A Quarter of Top Legal Officers Have Seen Data Breaches (Recorder) One in four chief legal officers saw a data breach in their companies within the past two years, according to a new study released by the Association of Corporate Counsel. For the health care industry, the ratio is even higher, at almost one in two

Better Safe Than Sorry: How Startups are Staying Protected in Cyberspace (Entrepreneur) Even business intelligence firms can learn a thing or two about doing business in the digital era. Just ask Bowman & Partners, a Roanoke, Texas-based startup that mines a wealth of brand and consumer data to create customer management strategies and marketing initiatives for clients that include Comcast Business, United Healthcare and Windstream Communications

Marketplace

Cyber crime threat stalks fund houses (Financial Times) Cyber crime has the potential to cause serious damage to the reputations of the world's largest fund houses, but risk experts believe the investment industry has been slow to tackle the threat, potentially leaving investors exposed

Data risks give rise to 'cyber insurance' policies (Desert Sun) Molly-Ann Leikin's living room floor is bordered by records, all framed, some brightly polished gold. They are propped almost upright against the wall. She hasn't had the energy to hang them

Comparing America's 3 Largest Security Software & Services Companies (Seeking Alpha) The Security Software & Services industry is expected to outperform the S&P broader market substantially this quarter, underperform negligibly next quarter, then outperform significantly beyond

Investing in Cybersecurity (Wealth Daily) A new arms race is well under way. Not on land, nor underwater, nor in space — but in cyberspace

Symantec's Info Mgmt Spinoff Selects 'Veritas Technologies' Name (Executive Biz) Symantec has said the independent information management company to form from the company's split announced in October will be called Veritas Technologies and that the security business will retain the Symantec name

Panda Security rebrands, sets out five-year growth plan (PCR) Software vendor Panda Security has outlined a new strategic plan after rebranding

Cyber Security Expert Launches Tellagraff, LLC (IT Business Net) Mark Graff, Founder/CEO of Tellagraff LLC, announces that the company is now officially open for business. Tellagraff is an information security consulting firm that helps businesses protect their online assets and operations from cyber attack

L-3 Wins Two NSA Contracts Valued at $367 Million (BusinessWire) L-3 Communications (NYSE:LLL) announced today that its National Security Solutions (NSS) business has been awarded two National Security Agency (NSA) Enterprise Program Management (EPM) contracts worth a total of $367.3 million. The five-year contracts provide systems engineering, acquisition planning, program management and financial management for two of NSA's major mission areas

Google will motivate bug hunters to keep probing its products with research grants (IDG via CSO) Google has expanded its bug bounty programs to cover the company's official mobile applications, and is seeking to stimulate vulnerability research on particular products by offering money in advance to bug hunters

New £3m cyber innovation centre in Gloucester to help protect computer networks from cyber attacks (Gloucester Citizen) A new cyber innovation centre (CIC) is set to open in Gloucester today. Raytheon will officially launch the new unit which has been set up to help protect computer networks from cyber attacks

Microsoft: IoT security is our priority (IT Pro) Redmond welcomed Federal Trade Commission's guidelines on Internet of Things

Benchmark Executive Search Adds New Members to its National Security and Cyber Advisory Board (PRNewswire) Surge in industry demand for cyber experts drives the additions

Cindy Provin of Thales e-Security: On the front lines of cyber-security (Miami Herald) From her perch at the helm of Thales e-Security since 1999, Cynthia Provin has been a key player in the growth of a new industry: data security

Products, Services, and Solutions

Norman Security Suite PRO 11 (PC Magazine) One typical product-line model for security vendors involves a standalone antivirus, a security suite that builds on the antivirus's features, and a top-level mega-suite that adds bonus features to the security suite. Norman handles things a bit differently, withholding Web-based antivirus protection in all but the mega-suite. As a result, Norman Security Suite PRO 11 ($76.95 per year for three licenses) is a better antivirus than the other two Norman products. Even so, it's not a suite you'd want to rely on

LightCyber Unveils Enhanced Breach-Detection Platform (eWeek) The active-breach-detection vendor debuts its new Magna 2.8 platform, which includes enhanced probe and cloud-based threat-intelligence features

The top multifactor authentication products (TechTarget) Multifactor authentication can be a critical component of an enterprise security strategy. Here's a look at the top MFA products in the industry

M2Mi Makes Global Connections To The Internet Of Things Secure And Simple (Mountain View Voice) Billions of things — watches, sensors, vehicles, wells, equipment and more — increasingly need their own network connections — creating the Internet of Things. Consider a shipping container coming to the Port of Oakland on a ship from China

Technologies, Techniques, and Standards

US Army Releases Cyber-Forensic Code to Github (Infosecurity Magazine) The Army Research Laboratory (ARL) is releasing its cyber-forensic framework code publicly to help others detect and understand cyber-attacks

Is it still safe to use Windows XP? Security tips for Microsoft's most popular OS (BT) All good things must come to an end, but if you're still clinging to Windows XP long after its 'use by' date, what can you do to keep it secure?

What Advisors Can Learn From the Sony Hack (ThinkAdvisor) Whoever hacked Sony over the comedy 'The Interview' has offered businesses of all sorts some dramatic — and valuable — lessons on cyber and terrorism insurance

3 Ways to Implement Your Security Needs in Collaboration With Business Stakeholders (Tripwire: the State of Security) You have done your homework and have identified the security needs to protect your business. You put together the business case and presented it to your executives, who approved the spending. Now, it is time to plan the implementation and you have to communicate with your business stakeholder

Industry professionals create framework for measuring HIT value (FierceHealthIT) Healthcare professionals have created a framework for measuring health information technology with a goal of making "HIT evaluations more relevant to the current needs of the healthcare system," according to a paper published at the American Journal of Managed Care

9 common security awareness mistakes (and how to fix them) (CSO) To err is human, but to err in cyber security can cause major damage to an organization. It will never be possible to be perfect, but major improvement is possible, just by being aware of some of the most common mistakes and their consequences

Pennsylvania Security Center: Educating Staff to Protect Data from Cyberattacks (Government Technology) The Security Center of Excellence, set to open in spring, is targeting to educate security staff about protecting data at the state and local levels, and in public schools — and may eventually spread outside Pennsylvania's borders

SafeNet CEO on Data Breach Security (GovInfoSecurity) Regulations, "Snowden Effect" drive encryption strategies

How to determine if insiders should be your primary concern (Help Net Security) We learned throughout our lives that if we experience the same problem over and over again in a certain situation, we should probably change something in our own behavior / attitude and not blame others

Overcoming the daily challenges of a security team (Help Net Security) The constantly evolving cyber threat landscape is resulting in new challenges and approaches for today's security analyst teams

Is it Time for Two CISOs at Large Organizations? (Network World) Enterprises need cybersecurity business AND technical leadership, which may require two senior positions

3 things CSOs can learn from CPOs (CSO) The role of the CSO and CIO has been changing dramatically and sometimes, it can be hard to keep up

Are cloud-based ALM systems safe? (TechTarget) Is it safe to move from on-premises application lifecycle management tools to cloud-based tools?

Identity theft prevention tips and assistance (Help Net Security) Eva Casey-Velasquez is the CEO of the Identity Theft Resource Center, which provides victim assistance at no charge to consumers throughout the United States

Smart tips for raising digital children (Thomaston Times) The Internet is a wonderful place for learning and entertainment, but like the world around us, it can pose dangers if precautions are not taken. Allowing free access puts your child, your computer and your personal data at risk

Doing the Math on Hashing Credit Card Numbers (Jim Shaver) When you put your credit card into a website what happens to it? The goal of this article is to explore some of the possible answers to that question

Check autorun entries with VirusTotal — Autoruns v13 (Infected IO) Version 13 of Autoruns, which was released January 29, 2015, includes a very handy feature to check unknown autorun entries with Virustotal "automatically". It's integrated pretty well, you open Autoruns as usual and then just right-click and choose Check Virustotal

Defeat initial packers used in flash exploits using Sulo (Hidden Codes) Using Sulo it is quite easy to defeat the initial packers used in the recent flash exploits. All we need is setting up one VM environment as I mentioned in my previous blog and in Sulo Github page

Anatomy of a browser dilemma — how HSTS 'supercookies' make you choose between privacy or security (Naked Security) HTTP Cookies are great

Legislation, Policy, and Regulation

German spy agency saves millions of phone records, says report (Deutsche Welle) The German government was quick to announce plans to widen data retention against terrorism in response to this month's attacks in Paris. But Berlin already collects far more telecom metadata than many suspected

Psychological cyberwar, or just plain propaganda (IT Security) "The British military," the Independent reported yesterday, "is setting up a specialist force modelled on the Chindits, the commandos who gained renown through their daring missions behind enemy lines in Burma during the Second World War"

Foreign Cyber (In)Security Takes Another Hit in China (Wall Street OTC) China has requested all of their foreign tech collaborators who have businesses on its territory to alter their products before releasing them on the Chinese market

Unifying principle: Federal data breach law (SC Magazine) Is the time right for national data breach legislation? There are signs that this may be the year

Sony hack spurs bipartisan support of cyber security legislation (Business Insurance) Despite general agreement about the issue's urgency for the past several years, Congress and President Obama failed to forge a bipartisan compromise on cyber security legislation. But that may change

Big insurer groups push Senate on cyber security bill (Business Insurance) Thirty-five organizations, including big insurance trade groups, have sent a letter to the U.S. Senate urging the quick passage of a cyber security information-sharing bill that also offers them a safe harbor against frivolous lawsuits

Government Privacy Board to Obama: Shut Down NSA Mass Spying Now (National Journal) The White House has been quiet on surveillance reform since the USA Freedom Act crumbled in the Senate last November

Senator Collins: Intelligence agencies are not equipped to keep America safe (Fortune) Homegrown terrorists are "one of the biggest threats that our nation faces," says the Senator

Department of Energy CIO Says Digital Drive Must Not Be Stunted By Cyber Threats (Forbes) Wary of the cybersecurity threat, with everything from refineries to the power grid and much else in between regarded as strategic infrastructure, the energy sector as a whole is often seen to be behind the IT investment curve

AG nominee Lynch expected to be fighter on cyber crime (The Hill) Attorney General nominee Loretta Lynch is well-suited to help the Justice Department tackle the rising threat of cyber crime, according to lawmakers and former DOJ officials

Stempfley leaving DHS for private sector position (Federal News Radio) The Homeland Security Department is losing one of its longest serving cyber executives. Bobbie Stempfley is heading to the private sector

Litigation, Investigation, and Law Enforcement

Cybercrimes: Pakistan lacks facilities to trace hackers (Express Tribune) The number of Distributed Denial-of-Service (DDoS) events topping 20 gigabits per second (Gbps) in the first half of 2014 was double that in 2013, as more than 100 attacks at 100Gbps or higher were recorded in the first six months of 2014, Forbes said in a report last July while quoting research from Arbor Networks

Former Colombian Presidential Candidate Answers to Spy Charges (Telesur) Hundreds protested where Oscar Ivan Zuluaga was being interrogated due to his alleged role in spying on peace talk negotiators

Round Rock man sentenced for stealing 36,000 credit card numbers (KXAN) A Round Rock man is going to federal prison for stealing credit card information from customers at Home Depot. Prosecutors say Daniel Marquardt worked in the IT department for The Home Depot in Austin

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

Tax benefit, Catalyst Fund and other financial Incentives for Small Businesses (Columbia, Maryland, USA, February 10, 2015) Rescheduled. Meet the experts! Tax incentives, credits and loans available for small businesses. Learn the details: How to apply for Cyber Tax Credits, Research Tax Credits, Security Clearance Tax Credits,...

Workforce Development Forum — CyberWorks Information Session (Baltimore, Maryland, USA, February 24, 2015) Are you a technology company that would like to actively participate in growing the right candidates for your open IT and cybersecurity positions? Are you a job seeker interested in pursuing a career in...

Upcoming Events

Cyber Threat Intelligence Summit (Washington, DC, USA, February 2 - 9, 2015) Join SANS for this innovative event as we focus on enabling organizations to build effective cyber threat intelligence analysis capabilities

ICSS 2015: International Cyber Security Strategy Congress (Leuven, Belgium, February 4 - 5, 2015) ICSS2015 will present the latest developments and thoughts in the field of cybercrime and cybersecurity and will be a unique gathering of cybercrime experts from all over the world. The objective of the...

Suits and Spooks (Washington, DC, USA, February 4 - 5, 2015) Suits and Spooks DC (Feb 4-5, 2015) is moving to the Ritz Carlton hotel in Pentagon City! We're expanding our attendee capacity to 200 and for the first time will be including space for exhibitors. We...

Nullcon 2015 (Goa, India, February 4 - 7, 2015) Nullcon discusses and showcases the future of information security, next-generation of offensive and defensive security technology as well as unknown threats

Salt Lake City Tech-Security Conference (Salt Lake City, Utah, USA, February 5, 2015) The Salt Lake City Tech-Security Conference features 25-30 vendor exhibits and several industry experts discussing current tech-security issues such as email security, VoIP, LAN security, wireless security,...

ICISSP 2015 (Angers, Loire Valley, France, February 9 - 11, 2015) The International Conference on Information Systems Security and Privacy aims at creating a meeting point of researchers and practitioners that address security and privacy challenges that concern information...

2015 Cyber Risk Insights Conference — London (London, England, UK, February 10, 2015) The cyber threat landscape is undergoing rapid change. Lloyd's and the London market are at the forefront of developing insurance products to address the evolving exposures of organizations throughout...

AFCEA West 2015 (San Diego, California, USA, February 10 - 12, 2015) Showcasing emerging systems, platforms, technologies and networks that will impact all areas of current and future Sea Service operations.

Cybergamut Technical Tuesday: An Hour in the Life of a Cyber Analyst (Hanover, Maryland, USA, February 17, 2015) Workshop Description: This hands-on workshop will demonstrate how easy it is for a breach to occur by analyzing a virtualized web server environment. Participants will use open source tools such as port...

DEFCON | OWASP International Information Security Meet (Lucknow, India, February 22, 2015) Defcon | OWASP Lucknow International Information Security Meet is a combined meet of Defcon and OWASP Lucknow. Defcon Lucknow is a DEF CON registered convention for promoting, demonstrating & spreading...

10th Annual ICS Security Summit (Orlando, Florida, USA, February 22 - March 2, 2015) Attendees come to the Summit to learn and discuss the newest and most challenging cyber security risks to control systems and the most effective defenses. The Summit is designed so you leave with new tools...

Cybersecurity: You Don't Know What You Don't Know (Birmingham, Alabama, USA, February 24 - 25, 2015) What: Connected World Conference in partnership with University of Alabama at Birmingham's Center for Information Assurance and Joint Forensics Research (The Center) have teamed up to bring professionals...

NEDForum: Cyber Network Exploitation and Defence: "Darknet & the Primordial Soup of Cyber Crime" (Edinburgh, Scotland, UK, February 27, 2015) Speakers will cover such topics as: "Fear and loathing on Darknet," (Greg Jones, Managing Consultant, Digital Assurance), "Securing the internet of everything" (Rik Ferguson, Global Vice President Security...
