CyberBerkut is back. The Putinist hackers claim to have disrupted a number of German government Websites in retaliation for Germany's support of Ukraine against the Russian campaign to re-engorge it.
ISIS sympathizers of the "CyberCaliphate" go after another US small media market, this time in Albuquerque.
Sony hack skeptics still aren't buying the FBI's insistence (based partially on clues left by "sloppy" attackers) that North Korea did it. Some think they see evidence of a "second attack" in spearphishing emails originating from British and Turkish ISPs, but other observers regard such levels of spearphishing as just the normal cost of doing business in cyberspace. A North Korean defector (supporting one tendency of US Government analysis of the case) claims DPRK hackers operate from a front in Shenyang. Other observers wonder why Sony seems to be a perennial hacking target: some trace it to the company's attempts, between 2005 and 2007, to install a copy protection rootkit in music CDs.
Pastebin has long been a place to dump stolen data. It's now being used to distribute backdoors.
Georgia Tech researchers are working on ways to parry side-channel attacks.
As the Morgan Stanley breach investigation unfolds, analysts warn, again, of the insider threat. The disaffected may become malicious; they're even likelier to become careless.
Electronic Arts appears to have been hacked.
In the US Defense Department, both DISA and Cyber Command are shopping for industry help with cyber security.
Kevin Mitnick is now selling zero-days (but only to good guys, he says).
Today's issue includes events affecting Belgium, Canada, China, European Union, Germany, India, Iraq, Democratic People's Republic of Korea, Russia, Syria, Thailand, Turkey, Ukraine, United Kingdom, United States.
ISIS hacker hacks Twitter accounts of US local TV station, Albuquerque Journal(HackRead) A hacker supporting the ISIS or ISIL terrorist group has hacked the official Twitter account and website of WBOC-TV, a Salisbury-based television station. The same hacker managed to hack Albuquerque Journal's Twitter page with posts and photos supporting ISIS fighters and threatening Albuquerque citizens
Was Sony Hit With a Second Hack?(Daily Beast) The FBI director on Wednesday revealed previously classified intelligence that he says shows North Korea is to blame for the massive data breach, but other hackers from different countries may have tried as well
Backdoors Found Leveraging Pastebin(Threatpost) The cut and paste website Pastebin is perhaps best known as a conduit for attackers to share database dumps, stolen data and other code, but now hackers have begun leveraging the site for their actual attacks
Researchers Work to Counter a New Class of Coffee Shop Hackers(Newswise) If you're sitting in a coffee shop, tapping away on your laptop, feeling safe from hackers because you didn't connect to the shop's wifi, think again. The bad guys may be able to see what you're doing just by analyzing the low-power electronic signals your laptop emits even when it's not connected to the Internet
Assessing the Risk of POODLE(Internet Storm Center) One of the biggest security announcements in the last year was definitely the POODLE (Padding Oracle On Downgraded Legacy Encryption) vulnerability, which marked the real end of SSLv3. In a contrast with many other previously identified vulnerabilities in encryption algorithms used by SSLv3, this vulnerability is viable, and can be exploited by an attacker without jumping over too many obstacles or requiring large resources — the POODLE vulnerability is real
Several Electronic Arts Origin accounts may have been hacked(HackRead) The gamers at Electronic Arts are finding purchases they didn't make on their accounts. This news comes in right after the Lizard Squad hackers attacked and brought to a stop the PSN and Xbox live services while the H4lt squad leaked the Xbox One SDK online, allowing the development of Homebrew Apps to be run on the gaming console
Your Best Asset? An empowered and aware workforce(CSO) I would offer that, in our ardor to discover yet another algorithm or create yet another complex software suite to counter the malicious insider or, almost as dangerous, the persistent state-sponsored threat, we are missing the best, and ironically the least-expensive method to mitigate these threats
Phish Allergy — Recognizing Phishing Messages(We Live Security) This is an updated and expanded version of advice that I've given many times in blog articles, white papers and conference papers. I'm not resurrecting it with reference to any particular phish (though I'm seeing an interesting selection of Apple-ID-targeting phishing mails at the moment), but because in the course of a conversation I had on a social media site, I promised to generate an update: sadly, there's a continuing need for (hopefully) reliable advice on phishing
Addressing Escalation: When Hackers Get Destructive(Security Magazine) Ask most corporate executives to define cybersecurity and their initial thoughts turn to data privacy. That's for good reason. Companies are bleeding corporate trade secrets and personally identifiable information at such an alarming rate that confidentiality issues and related compliance concerns can't help but dominate the cybersecurity agenda. Yet, ask cybersecurity professionals what keeps them up at night, and the topic invariably turns to data deletion, tampering with control systems, and the potential to cause physical harm over the Internet
8 smart devices at risk(CSO) The explosion of "smart" devices is bringing unprecedented convenience to consumers. But, as is the case with anything connected to the Internet, it also brings risks
Piper Jaffray: Security Again the Top CIO Spending Priority(Wall Street Journal) Cybersecurity is rising ever higher on the list of top priorities for CIOs. In a survey of 112 CIOs by brokerage firm Piper Jaffray, 75% of respondents said they expect to increase security spending in 2015. That compares with 59% who expected an increase in last year's survey. "CIOs clearly have heightened concerns from the many security breaches that occurred in 2014, resulting in an inflection in overall security spending," the report says. It's the second year in a row that security has taken the top spot
9 Enterprise Security Trends for 2015(eSecurity Planet) Hackers find new twists for some of their favorite tools, like malware and DDoS, which means organizations need to get even more serious about security in 2015
Security trends 2015 predictions round-up(ITProPortal) Over the past couple of months, my inbox has filled up with predictions from vendors, analysts and security thinkers on what they think will create havoc or solve our problems in 2015
Why Healthcare Security Needs a New Approach to Malware(HealthITSecurity) Healthcare security must be able to keep pace with the evolution of how healthcare data is used. For example, healthcare data is more valuable than ever, accounting for more than 43 percent of major data breaches, according to the Identity Theft Research Center 2013 report
'Lax Information Security Could Prove Dangerous'(New Indian Express) Possessing a secure cryptography and information security set-up is imperative for the security of a country or organisation, Turing Award winner Prof Silvio Micali said on Tuesday
Thailand's top-three cyber-threats identified(The Nation) The top three cyber-threats in Thailand this year will be online-banking malware, malware on mobile devices, and attacks on open-source vulnerabilities, according to Trend Micro
Cyber Command turns to industry for solutions(FCW) WHAT: The Defense Information Systems Agency has issued a draft RFP for a contractor to help "streamline" U.S. Cyber Command's "acquisition of cyber-related services" and to provide the command with a range of cyber-related products and services
CyberArk (CYBR), Tableau (DATA) Crush Earnings Estimates(Cabot Investing Advice) CyberArk Software (CYBR) and Tableau Software (DATA) are topping earnings estimates by a wide margin. With growth much faster than anticipated, investors often ratchet up earnings expectations — and hence the stock, Investor's Business Daily reported
Goodguy Hacker Selling Bad Guy hacks(Finextra) Makes you wonder what these guys would have accomplished had they been born during the Renaissance…case in point: Kevin Mitnick, whose genius was so impressive as a cyber criminal (he hacked into IBM, Motorola, Sun Microsystems and other big-name outfits), that after serving prison time, he was hired as a good guy to help security teams develop penetration-proof systems
Raytheon Company Announces Executive Appointments(PRNewswire via the Providence Journal) Raytheon Company Chairman and CEO Thomas A. Kennedy announced today the appointment of David C. Wajsgras as President, Raytheon Intelligence, Information and Services (IIS) business, succeeding Lynn A. Dugle, who has announced plans to retire from the company. Additionally, Kennedy has appointed Anthony F. "Toby" O'Brien vice president and Chief Financial Officer, succeeding Wajsgras. The new appointments are effective March 2, 2015
Call On Threat Intelligence To Secure Your Organization(Manufacturing Business Technology) You may wish you had a crystal ball to see what cyber threats are headed your way, but there's something far more reliable. Threat intelligence provides you with true evidence of current-day threats that have already been spotted hitting organizations like yours, giving you time to prepare your defenses and block oncoming attacks
Why patch management is ALSO REQUIRED in ICS infrastructure(Internet Storm Center) Security patch management is a delicate issue in critical infrastructure. This is caused by the specific configuration, operating system version and related software required by the ICS platform. Most support contracts state that any modification outside the parameters stated by the manufacturer will void the relation and release manufacturer and seller from any responsibility about malfunction and any consequence on the industrial process
Authentication is a Two Way Street!(Safe and Savvy: F-Secure) In computer security, we throw around the word authentication all the time. It means a process or mechanism that is used to prove that you are you (or that someone else or something else proves to you that they are they). Imagine yourself in a wartime encampment. Someone approaches the sentry and the sentry calls out "Flash." The approaching soldier replies, "Thunder". This is a classic sign and countersign password set from World War II
The Relationship Between Regulation and Corporate Culture(Willis Wire) The Financial Conduct Authority (FCA), formerly the Financial Services Authority, holds an Enforcement Conference every two years. The latest one, last month, was the first one under the new FCA regime. The content of the conference was pretty much as expected
Top 3 reasons businesses should prioritize web security(Help Net Security) 2014 was a year of high-profile hacks for businesses around the world. From The Home Depot breach to the recent Sony data leak, it seemed like as soon as one data breach was under control, another one came to light
A Packet a Day: ICMPv6 Type 1 Code 5(Internet Storm Center) One of the exercises I keep recommending is to take 5 minutes of traffic from your own network (any network...), and try to explain each packet. Being an "eat your own dogfood" kind of guy, I try to do this myself every so often, and yesterday, after setting up a new IPv6 connection, I came across this neat packet
Trend Micro Supports Cybersecurity Curriculum with Educational Grant(PRNewswire) Trend Micro Incorporated (TYO: 4704; TSE: 4704), a global leader in security software, has announced a $10,000 donation to the Mission College Center for Innovation and Technology (MC²IT). The grant will provide resources and expertise to advise and help enhance cybersecurity course curriculum. As the security and privacy industry continues to expand and evolve, Trend Micro is committed to encouraging students to enter the cybersecurity field while empowering them with the core competency to do so
Researchers teach security master class at Oregon State(SC Magazine) Over the next 10 weeks, analysts at McAfee Labs will teach a master class on cyber security at Oregon State University, which will cover everything from malware research, to mobile threats, incident response, and other topics
Santa Cruz libraries host cyber 'hygiene' classes(Santa Cruz Sentinel) With the nation's consciousness raised about cyber crime after North Korea's attack on Sony Pictures, the Santa Cruz Public Libraries is partnering with law enforcement and education agencies to encourage residents to better protect themselves online
Legislation, Policy, and Regulation
The Glamour of Islamic State(Bloomberg View) The Pentagon is trying to figure out why Islamic State has been so successful at attracting followers. "What makes I.S. so magnetic, inspirational?" Major General Michael Nagata, who commands U.S. special operations forces in the Middle East, asked a conference call of outside experts examining the question
North Korea's cyber-gap(Al Jazeera) North Korea's survival depends on keeping internet access limited to the privileged few
Re-Designating North Korea as a State Sponsor of Terrorism Would Only Make Matters Worse(New Republic) As the 114th Congress meets for the first time Tuesday, the Sony hack that dominated the holiday news cycle is fresh for political posturing. On Friday, the White House announced a new round of sanctions on North Korea, but Senator Robert Menendez is demanding a stronger response. He has repeatedly called for the State Department to add the Hermit Kingdom to the list of four states that sponsor terrorism
EU lawmaker warns of data protection rules delay till 2016(EurActiv) With serious differences remaining between the European Parliament and the 28 member states, doubts remain over whether the EU's new Data Protection Regulation (DPR) can be agreed before the end of the year, the Parliament's rapporteur warned yesterday (7 January)
Connected Choices: How the Internet Is Challenging Sovereign Decisions(American Foreign Policy Interests) Modern societies are in the middle of a strategic, multidimensional competition for money, power, and control over all aspects of the Internet and the Internet economy. This article discusses the increasing pace of discord and the competing interests that are unfolding in the current debate concerning the control and governance of the Internet and its infrastructure
VPN Services Consider Leaving Canada to Protect Customer Privacy(TorrentFreak) Last week Canada enacted an amendment to its copyright law which requires Internet services to retain access logs of customers in order to process piracy notices. This mandatory data retention puts the privacy of VPN users at risk, and as a result Canadian providers are considering pulling out of the country
FBI Director: Sony's 'Sloppy' North Korean Hackers Revealed Their IP Addresses(Wired) The Obama administration has been tightlipped about its controversial naming of the North Korean government as the definitive source of the hack that eviscerated Sony Pictures Entertainment late last year. But FBI director James Comey is standing by the bureau's conclusion, and has offered up a few tiny breadcrumbs of the evidence that led to it. Those crumbs include the claim that Sony hackers sometimes failed to use the proxy servers that masked the origin of their attack, revealing IP addresses that the FBI says were used exclusively by North Korea
FBI Director to Detail Sony Hack Investigation(The Intercept) In the run-up to what some expect to be significant news from the FBI director on the Sony cyber attack investigation, authorities continue to probe a series of threats directed at media organizations, according to law enforcement sources
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
AppSec California(Santa Monica, California, USA, January 26 - 28, 2015) OWASP's AppSec California goes beyond "security for security's sake" bringing application security professionals and business experts together with the objective of sharing new information that helps get...
AFCEA Defensive Cyber Operations Symposium(Baltimore, Maryland, USA, May 5 - 7, 2015) The U.S. Defense Information Systems Agency's new operational role in the cyber domain as network defender creates a formal relationship between DISA, U.S. Cyber Command and the command's military service...
Cybersecurity World Conference(New York, New York, USA, January 9, 2015) Welcome to Cyber Security World Conference 2015 where renowned information security experts will bring their latest thinking to hundreds of senior business executives and officials focused on protecting...
California Cybersecurity Task Force Quarterly Meeting(Walnut Creek, California, USA, January 20, 2015) The California Cyber Security Task Force serves as an advisory body to California's senior government administration in matters pertaining to Cyber Security. Quarterly Cybersecurity Task Force meetings...
FIC 2015(Lille, France, January 20 - 21, 2015) The International Cybersecurity Forum (FIC) forms part of a thinking and exchange process that aims at promoting a pan-European vision of cybersecurity and strengthening the fight against cybercrime, a...
Data Privacy Day San Diego — The Future of IoT and Privacy(San Diego, California, USA, January 28, 2015) Join the Lares Institute, Morrison & Foerster, and the National Cyber Security Alliance for Data Privacy Day in San Diego. DPD San Diego will bring together privacy luminaries to discuss fundamental issues...