Japan's Cyber Defense Institute warns that some Arabic-language blogs discussing ISIS are serving as malware vectors. No attribution, but the Cyber Defense Institute speculates that individuals and firms doing counter-terrorism research are the targets of an organized campaign.
ISIS's own attempts at information operations, based as they are on horrific propaganda-of-the-deed, show signs of prompting a grassroots backlash from the audience they seek to impress. A Forbes op-ed calls US social media complicit in ISIS's online efforts. While this is a little like blaming tire-manufacturers for car-bombings, the piece offers perspective on terrorists' online presence.
Trend Micro outlines Operation Pawn Storm, a cyber espionage campaign targeting iOS. Trend Micro stops short of attribution, but FireEye isn't so shy: they call out Russia's government.
Others report more Russian fingerprints on the Sony hack. Taia Global presents evidence that Russian actors (presumably criminals, not necessarily state organs) have not only been in Sony Pictures' networks, but that they remain there still.
An Internet Explorer flaw opens users to cross-site-scripting exploitation.
Ransomware and adware both continue to surge, as familiar attacks take new turns and gain new capabilities. Banking Trojans also find fresh victims.
On threats within the financial sector, brokers fear insiders most, then criminals. (Terrorists not so much. Such fears continue to shape the cyber insurance market.) Financial service customers take note: your banks, brokers, and wealth managers probably aren't going to cover your losses to hacks.
Hackers aren't necessarily smart, finds Sophos, but they do benefit from their black market.
Today's issue includes events affecting China, Iraq, Japan, Jordan, Democratic People's Republic of Korea, Russia, Syria, United States.
1,800 Domains Overtaken by Flash Zero Day (Threatpost) When the Blackhole exploit kit went away after the arrest of its alleged creator and maintainer Paunch, there were questions about which kit would rise up as its successor
Russian Hackers Breached Sony's Network: Report (SecurityWeek) A group of Russian hackers had — and possibly still has — unauthorized access to the network of Sony Pictures Entertainment, according to a report published on Wednesday by Taia Global
Sony Hack Has Cost Its Business $15M So Far (TechCrunch) A large-scale hack of Sony's servers last year brought huge publicity to the company — as employee and industry insider emails leaked, a planned Sony Pictures film release was scrapped and then subsequently rushed out as an online release, and the finger of blame was pointed at North Korea. Reputational damage caused by the incident is all but impossible to quantify
Brokerage Firms Worry About Breaches by Hackers, Not Terrorists (New York Times) The online attack on Sony Pictures Entertainment in the fall that federal authorities linked to the North Korean government raised alarm bells about the hacking threat posed by foreign governments. But brokerage firms based in the United States remain most concerned about an attack carried out by a loose band of hackers or employees with a grudge
Admin alert: Twice as many digital certificates used to sign malware reported in 2014 (First Post) By the end of 2014, the company's antivirus database included more than 6,000 of these certificates. Considering the increase in threats related to signing malicious files, Kaspersky experts advise system administrators and users not to trust digital signatures without question, and not to allow signed files to launch purely on the strength of the signature
How to stop a plane (Economist) Over the past several weeks, airlines in America have been the victims of a dramatic spike in social-media bomb threats, according to CNN. No bombs have been found, but because airlines and the American airport security apparatus treat every threat seriously, numerous flights have been delayed, diverted or even cancelled
League of Legends exploit allows attackers to access gamers' accounts (Help Net Security) A string of hacks has revealed the existence of an exploit targeting League of Legends players, which allows the attackers to open up the game's store from a web browser and initiate transactions paid with a user's Riot Points (RP) and Influence Points (IP), two of the in-game currencies
There's No Free Lunch, Even Using Bitcoin: Tracking the Popularity and Profits of Virtual Currency Scams (19th International Conference on Financial Cryptography and Data Security via SMU) We present the first empirical analysis of Bitcoin-based scams: operations established with fraudulent intent. By amalgamating reports gathered by voluntary vigilantes and tracked in online forums, we identify 192 scams and categorize them into four groups: Ponzi schemes, mining scams, scam wallets and fraudulent exchanges. In 21% of the cases, we also found the associated Bitcoin addresses, which enables us to track payments into and out of the scams. We find that at least $11 million has been contributed to the scams from 13 000 distinct victims. Furthermore, we present evidence that the most successful scams depend on large contributions from a very small number of victims. Finally, we discuss ways in which the scams could be countered
Data Integrity: The Core of Security (SecurityWeek) Data breaches at companies such as Target, Home Depot, Staples, Michaels, eBay, and Sony Pictures Entertainment are raising doubts about whether organizations are investing their security dollars in the right areas
New Target CIO: Bull's-Eye On Innovation (InformationWeek) Target can't ease up on security after its massive data breach, but the retailer must fire up its tech innovation to compete against online rivals
Phil Lacombe Named Parsons Cyber Lead (GovConWire) Phil Lacombe, currently vice president and manager for the information systems and security sector at Parsons, has been appointed to lead the company's cyber initiative
Radware CEO on Identifying Intruders (BankInfoSecurity) Recognizing the behavior of an intruder, rather than relying on digital signatures, will prove to be a better way to prevent hackers from pilfering data and creating havoc in IT systems. That's the view of Radware CEO Roy Zisapel, who attributes his company's success, in part, to the algorithms its mathematicians develop and refine for its security products that can identify when a hacker invades a customer's systems
Unitas Global and Alert Logic Announce Strategic Partnership (BusinessWire) Unitas Global, the leading cloud solution provider, today announced their strategic partnership with Alert Logic, the leading provider of Security-as-a-Service solutions for the cloud. Together, Unitas and Alert Logic will offer clients comprehensive, innovative and secure cloud solutions and services
Cytegic monitors cyber-security threats in real-time (B2B News Network) Say you're concerned about cyber-criminals hacking into your company's back end. You've run risk assessments before but those reports take weeks to compile. You're worried those assessments could come too late. What if you could diagnose cyber-security attacks in real-time and be notified immediately of potential solutions?
Technologies, Techniques, and Standards
Cyber security guidance for business (Centre for the Protection of National Infrastructure and Department for Business) Guidance on how organisations can protect themselves in cyberspace
Why You Need to Accelerate 'Time to Compliance' (IBM Security Intelligence Blog) Human beings are creatures of habit. We do things a particular way because that's how we've always done them, and we often continue until someone shows us a better approach
Fighting Cyber Threats While Taking Human Behavior Into Consideration (Tripwire: the State of Security) In today's corporations, information security managers have a lot on their plate. While facing major and constantly evolving cyber threats, they must comply with numerous laws and regulations, protect the company's assets, and mitigate risks as best as possible. To address this, they have to formulate policies to establish desired practices that avoid these dangers. They must then communicate this wanted behavior to the employees so that they adapt and everything can go according to plan. But is this always the case?
Is teamwork the best weapon in data security? (Scalar) Information governance and data security have become hot topics in the public and private sectors of the world, as cybercrime remains one of the most significant threats to economic and financial stability. While modern tactics and the deployment of advanced data security and network monitoring software are certainly important steps in the right direction for all organizations, the group-think approach to relevant intelligence building might have the highest level of merits out there
Google, Amazon, Microsoft pay to get ads past Adblock Plus (Naked Security) Ad-buying big boys Google, Amazon, Microsoft and the content marketing platform Taboola have quietly ponied up the money to keep their ads from being blocked on Adblock Plus, the world's most popular software for blocking online advertising
The Four Stages Of A Small Business Under Cyber Attack (B2C) With the growing number of cyber attacks on businesses — including Target, Home Depot, Kmart, and Staples — attacks can easily seem commonplace in today's increasingly connected world. Cyber attacks lead to exposed personal, financial and business information. These exposed documents may jeopardize the security of your customers' or employees' identities, create fraud within your business or simply leave you with a hefty IT bill to repair the damage
China's Great Firewall Is Rising (Foreign Policy) Technology and political will are converging to create a seamless nationwide Intranet — amid growing netizen anger
White House readies cyber executive action (The Hill) The White House is expected to release an executive action next week expanding administration efforts to facilitate cybersecurity information sharing between the private sector and Department of Homeland Security
Obama's Surveillance Reform Extends Unmatched Privacy to Foreigners (Foreign Affairs) Though criticized by advocates for not going far enough, an Obama administration report Tuesday on steps to protect privacy and civil liberties has nevertheless achieved at least one thing: extending to foreigners the same protections available to Americans
Securing the Nation's Ports Against Cyberterrorism (In Homeland Security) Ports contribute approximately $3.15 trillion in business activity to the U.S. economy and handle more than 2 billion tons of domestic, import and export cargo annually, according to the American Association of Port Authorities (AAPA). So it is no surprise that physical protection and cybersecurity of ports is a high priority
Litigation, Investigation, and Law Enforcement
Show Me the Terrorists' Money? Easier Said Than Done (Cicero) ISIS is officially the richest terrorist group in existence. Through its illicit oil sales — worth between $1 million and $2 million a day — as well as kidnapping and extortion networks, robbery, front companies, racketeering, and outside donations, the group has amassed a $2 billion fortune
Digital Evidence Requires an Understanding of 'Cyberlaw' (Irish Times via Forensic Magazine) How is the criminal justice system learning to cope with the unique complexities of digital evidence, with the analysis of mobile phone data, satellite imagery and emails? And that's before you add in all the potentially sensitive material on social media sites such as Facebook, Twitter, YouTube, Flickr and Instagram
Silk Road Creator Faces Overwhelming Evidence (AP via Forensic Magazine) In closing arguments, a prosecutor urged jurors to follow the "digital fingerprints" of the San Francisco man who created the underground website Silk Road and to convict him of operating a worldwide online drug network
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Cyber Threat Intelligence Summit (Washington, DC, USA, February 2 - 9, 2015) Join SANS for this innovative event as we focus on enabling organizations to build effective cyber threat intelligence analysis capabilities
ICSS 2015: International Cyber Security Strategy Congress (Leuven, Belgium, February 4 - 5, 2015) ICSS2015 will present the latest developments and thoughts in the field of cybercrime and cybersecurity and will be a unique gathering of cybercrime experts from all over the world. The objective of the...
Suits and Spooks (Washington, DC, USA, February 4 - 5, 2015) Suits and Spooks DC (Feb 4-5, 2015) is moving to the Ritz Carlton hotel in Pentagon City! We're expanding our attendee capacity to 200 and for the first time will be including space for exhibitors. We...
Nullcon 2015 (Goa, India, February 4 - 7, 2015) Nullcon discusses and showcases the future of information security, next-generation of offensive and defensive security technology as well as unknown threats
Salt Lake City Tech-Security Conference (Salt Lake City, Utah, USA, February 5, 2015) The Salt Lake City Tech-Security Conference features 25-30 vendor exhibits and several industry experts discussing current tech-security issues such as email security, VoIP, LAN security, wireless security,...
ICISSP 2015 (Angers, Loire Valley, France, February 9 - 11, 2015) The International Conference on Information Systems Security and Privacy aims at creating a meeting point of researchers and practitioners that address security and privacy challenges that concern information...
2015 Cyber Risk Insights Conference — London (London, England, UK, February 10, 2015) The cyber threat landscape is undergoing rapid change. Lloyd's and the London market are at the forefront of developing insurance products to address the evolving exposures of organizations throughout...
AFCEA West 2015 (San Diego, California, USA, February 10 - 12, 2015) Showcasing emerging systems, platforms, technologies and networks that will impact all areas of current and future Sea Service operations.
DEFCON | OWASP International Information Security Meet (Lucknow, India, February 22, 2015) Defcon | OWASP Lucknow International Information Security Meet is a combined meet of Defcon and OWASP Lucknow. Defcon Lucknow is a DEF CON registered convention for promoting, demonstrating & spreading...
10th Annual ICS Security Summit (Orlando, Florida, USA, February 22 - March 2, 2015) Attendees come to the Summit to learn and discuss the newest and most challenging cyber security risks to control systems and the most effective defenses. The Summit is designed so you leave with new tools...
Workforce Development Forum — CyberWorks Information Session (Baltimore, Maryland, USA, February 24, 2015) Are you a technology company that would like to actively participate in growing the right candidates for your open IT and cybersecurity positions? Are you a job seeker interested in pursuing a career in...
Cybersecurity: You Don't Know What You Don't Know (Birmingham, Alabama, USA, February 24 - 25, 2015) What: Connected World Conference in partnership with University of Alabama at Birmingham's Center for Information Assurance and Joint Forensics Research (The Center) have teamed up to bring professionals...