Various Islamist factions compete for discredit as they claim the Charlie Hebdo massacres and use of children as executioners.
Fast becoming as familiar (and perhaps as decentralized in use) as the Anonymous Guy Fawkes mask, the CyberCaliphate's checkered shemagh defaces North Korea's Air Koryo Facebook page.
Speculation about hacktivists behind the compromise of US CENTCOM's social media accounts continues to focus on a disaffected Brummie, Junaid Hussein al-Britani, former Midlands jailbird, current whereabouts unknown, but possibly somewhere in the Levant. His wife said last week he was killed by a drone, but few believe this. The US Army says the CENTCOM hack exposed a "significant number" of retired generals' personal information.
Sucuri reports a PHP code insertion vulnerability in vBulletin.
Microsoft researchers detail the most recent enhancements to CryptoWall.
Brazilian banking customers struggle with what observers call a "virtual mugging" that uses the KL-Remote exploit toolkit.
Malvertising with convincing spoofs of legitimate publications is found in Google AdSense. Online advertiser Turn uses an undeletable Verizon tracking number to spawn "zombie cookies." Turn says Verizon told them it was o.k.
American and United airline frequent fliers' user accounts are compromised and miles are reported stolen.
UK PM Cameron will push his widely-criticized views on encryption during his summit with US President Obama. The President's own cyber proposals receive weaker reviews today: observers see RICO prosecutions for innocent online activity, with civil liberties protected only by prosecutorial discretion. (Still, some like the parts granting immunity for sharing data with the Government.)
A note to our readers: the CyberWire will observe Martin Luther King Day and not publish Monday. We'll resume regular publication on Tuesday, January 20.
Today's issue includes events affecting Australia, Brazil, Canada, China, Côte d'Ivoire, Germany, India, Japan, Democratic People's Republic of Korea, Malaysia, Russia, Syria, Sweden, United Kingdom, United States, and Vietnam.
Cyber Attacks, Threats, and Vulnerabilities
Disputed Claims Over Qaeda Role in Paris Attacks (New York Times) The younger of the two brothers who killed 12 people in Paris last week most likely used his older brother's passport in 2011 to travel to Yemen, where he received training and $20,000 from Al Qaeda's affiliate there, presumably to finance attacks when he returned home to France
Meet the Star-Crossed Lovers Behind the Islamic State's Centcom Hack (Foreign Policy) When a group calling itself the "CyberCaliphate" breached Centcom's Twitter and YouTube accounts and flooded both with pro-Islamic state messages and videos earlier this week, American law enforcement officials raced to find out who was responsible for the attack. The main suspects: a group led by Junaid Hussain, a 20-year-old who moved from Britain to Syria — accompanied by his 45-year-old alt-rock girlfriend — to kick-start the Islamic State's hacking campaign
What Can Happen If Your Organization Is Targeted (Fortinet Security Research Blog) A few weeks ago, we received a file that was being spread as an attachment in a spear phishing email. The sample, which we are detecting as W32/Byanga.A!tr, turns out to be a dropper for a bot which, if active in an organization's system, has the capability to perform malicious activities that can be very damaging to the targeted organization
Google AdSense Used for Malvertising Campaign (Softpedia) Advertisements redirecting users to scam websites impersonating reputable magazines and blogs that touted shady health products have been spotted in Google's AdSense program
Fake BBC News Site Baits Victims with Charlie Hebdo Misinformation (Infosecurity Magazine) A suspicious site that was attempting to mimic the official BBC News website while serving up false information about the Charlie Hebdo tragedy managed to garner an immense amount of traffic earlier this week — with the likely intent to deceive and perhaps harm visitors via malicious file downloads or through click-fraud
Park 'N Fly, OneStopParking Confirm Breaches (KrebsOnSecurity) Late last year, KrebsOnSecurity wrote that two huge swaths of credit card numbers put up for sale in the cybercrime underground had likely been stolen from Park 'N Fly and from OneStopParking.com, competing airport parking services that lets customers reserve spots in advance of travel via Internet reservation systems. This week, both companies confirmed that they had indeed suffered a breach
Five key security, identity and access management trends (Help Net Security) CA Technologies announced five key trends for security and identity and access management (IAM) that will impact organizations and security professionals in 2015 as they compete in the application economy
The 7 biggest lies you've been told about hacking (Daily Dot) Online security is increasingly an issue rich for headlines as everyone from movie studios and celebrities to major retailers and CENTCOM find themselves the victims of digital infiltrators. However, "hacking" is also a very technical issue and, like many technical issues, one the media often gets wrong
Developers, the Cloud, and Security Concerns (Cloud Tweaks) So I got to thinking about security and how this relates to developers in particular. This was prompted by a recent read of the findings reported in a survey, "2014: The Year of Encryption" conducted by Egress Software Technologies, of delegates at Europe's largest information security event Infosecurity Europe 2014. And you know the first and almost overwhelming thought that struck me was how important security should be for these folk
'Blackhat' director Michael Mann has a worst-case cyber-attack scenario for you (HitFix) A half-hour sitting across a table from Michael Mann is more than enough time to remind you of all the stuff you don't know. A consummate researcher-filmmaker, he never puts something out into the creative ether without knowing it inside and out, without knowing its world, its players — everything that needed to exist in order to birth it in the first place, he's canvased it. So no, he wasn't shocked to hear that last month, corporate giant Sony had been maliciously hacked leaving privileged information scattered to the public
Here's how insurance will respond to the Sony cyber hack (Insurance Business America) The Sony Pictures cyber attack of seven weeks ago represented a game-changer in the recent string of data breaches that have plagued high-profile companies like Target, Home Depot and Dairy Queen. With repercussions ranging from entertainment industry rumors to potential matters of national security, the breach was a strong reminder of just what’s at risk when hackers attack
KPMG makes third cyber security acquisition in four months (KPMG via LinkedIn) We've just announced that KPMG Finland has acquired 100% of Trusteq Oy, a 45 strong Finnish cyber security consulting company specializing in identity and access management services and security transformation projects
Microsoft Welcomes Cylance Into The Antivirus Club (Forbes) When I think of antivirus there are specific vendors and tools that come to mind: Symantec, McAfee, Panda Security, BitDefender, and others. Microsoft is expanding the definition of "antivirus", though, by inviting Cylance to join the Microsoft Virus Initiative (MVI) and Virus Information Alliance (VIA) — groups organized by Microsoft to coordinate antimalware efforts, and provide effective security for Microsoft customers
Peerio — End-to-End Encrypted Secure Messenger and File Sharing App (Hacker News) On one end, where governments of countries like Russia are criticizing end-to-end encryption and considering banning the encrypted communication apps like Snapchat, CryptoCat, WhatsApp and Apple's iMessage. On the other hand, the Internet community has come up with a new and rather more secure encrypted communication app
Watching A Cyberattack Bloom: vArmour Visualizes The Data Breach (Xconomy) Financial firm Morgan Stanley is the latest big company forced to acknowledge a data breach, after finding to its horror early this month that the names and account numbers of thousands of its wealthy investment clients had been posted on the Internet. The New York firm follows entertainment giant Sony and a long list of other apparent cybercrime victims, whose vulnerability leaves other businesses wondering what bugs and cracks might lie undetected in their own computer systems
New Cyber Service Investigates Behavior Of Specific Threats (HS Today) As complex operations become an increasingly frequent feature of contemporary cyber crime, Kaspersky Lab has launched an online service that brings together all the information it holds on the most sophisticated cyber campaigns. The interactive Targeted cyberattacks logbook project displays Kaspersky's research and analysis
ESET launches ESET NOD32 Antivirus 8 and ESET Smart Security 8 (Technuter) ESET, the global player in proactive digital protection, has announced the latest versions of its flagship security software products: ESET NOD32 Antivirus 8 and ESET Smart Security 8. The latest line-up includes Botnet Protection and Enhanced Exploit Blocker that protects against exploits and offer anti-phishing and social media scanning capabilities
IBM Launches z13 Mainframe — Most Powerful and Secure System Ever Built (PRNewswire) First system able to process 2.5 billion transactions per day, built for mobile economy. Makes possible real-time encryption on all mobile transactions at scale. First mainframe system with embedded analytics providing real time transaction insights 17X faster than compared competitive systems at a fraction of the cost
Strategy: Planning and Recovering From a Data Breach (SecurityWeek) 2014 was a terrible, horrible, no good, very bad year for cyber attacks. Target's point-of-sale attack in late 2013 proved to be a common breach theme in 2014, targeting retailers such as Michaels, Kmart, Home Depot, and Neiman Marcus. Attackers also began targeting cloud applications, from Apple iCloud to Salesforce (Zeus variant and Dyreza) to Office 365. The recent Sony Pictures breach also demonstrated attackers' turn for the malicious, from sending threatening employee emails and demanding ransom to creating malware focused not just on exfiltration but on destroying data
CapTipper — Malicious HTTP traffic explorer tool (Omri Herscovici) CapTipper is a python tool to analyze, explore and revive HTTP malicious traffic. CapTipper sets up a web server that acts exactly as the server in the PCAP file, and contains internal tools, with a powerful interactive console, for analysis and inspection of the hosts, objects and conversations found
Dynamic Malware Analysis with REMnux v5 — Part 1 (Count Upon Security) Part 1 illustrates a series of very useful tools and techniques used for dynamic analysis. Security incident handlers and malware analysts can apply this knowledge to analyze a malware sample in a quick fashion using the multi-purpose REMnux v5. This way you can extract IOCs that might be used to identify the malware across your defense systems and aid your incident response actions
Nysmith Students Meet Cyber Defense Challenge (Connection) Two teams of middle school students from The Nysmith School of Herndon recently finished second and 12th out of 200 U.S. and Canadian teams participating in the seventh Annual CyberPatriot National Youth Cyber Defense Competition. The program puts students in the position of newly-hired IT professionals and challenges them to find and resolve cybersecurity vulnerabilities in simulated environments
Legislation, Policy, and Regulation
David Cameron to press Barack Obama on security fears (Financial Times) David Cameron will seek Barack Obama's support this week for a push to improve co-operation between intelligence agencies and technology companies such as Twitter and Facebook, warning the president that public safety is at stake
FACT SHEET: Safeguarding American Consumers & Families (White House: Office of the Press Secretary) Today, President Obama will build on the steps he has taken to protect American companies, consumers, and infrastructure from cyber threats, while safeguarding privacy and civil liberties. These actions have included the President's 2012 comprehensive blueprint for consumer privacy, the BuySecure initiative — launched last year — to safeguard Americans' financial security, and steps the President took earlier this year by creating a working group of senior administration officials to examine issues related to big data and privacy in public services and the commercial sector
Obama's War on Hackers (Errata Security) In next week's State of the Union address, President Obama will propose new laws against hacking that could make either retweeting or clicking on the above link illegal. The new laws make it a felony to intentionally access unauthorized information even if it's been posted to a public website. The new laws make it a felony to traffic in information like passwords, where "trafficking" includes posting a link
Obama Security Proposals 'Will Create Cyber Police State' (Forbes) Another of Obama's recommendations could see offenses covered by the CFAA included in prosecutions under the Racketeering Influenced and Corrupt Organizations Act. According to Graham, just being linked to a hacker group would land you in danger of a 20-year prison sentence. As many innocent researchers and interested parties hang around in the same chatrooms and forums as criminal hackers, this could again ensnare many who don't deserve to have their online activities criminalised
Obama's cybersecurity plans part of decade-old programs (AP via the Longview News-Journal) President Barack Obama said Tuesday that recent cyberthreats to Sony and the military's U.S. Central Command are reminders of the serious threats facing the nation. But an Associated Press review shows that some of his plans are retreads from years past
Senator to introduce data breach bill (The Hill) Sen. Bill Nelson (D-Fla.), the ranking member on the Senate Commerce Committee, will soon introduce a data breach notification bill that closely resembles a proposal President Obama called for during a Monday speech
Michael Daniel: Cybersecurity's many moving parts (Federal Times) Michael Daniel was a long-time national security budget official at the Office of Management and Budget before being tapped in 2012 to oversee the interagency development and implementation of national cybersecurity strategy and policy, leading to President Obama's 2013 milestone signing of Executive Order 13636
NSA Official: Support for Compromised Dual EC Algorithm Was 'Regrettable' (Threatpost) In a new article in an academic math journal, the NSA's director of research says that the agency's decision not to withdraw its support of the Dual EC_DRBG random number generator after security researchers found weaknesses in it and questioned its provenance was a "regrettable" choice
Thornberry Gives Intel Oversight to Full HASC (DefenseNews) The newly minted House Armed Services Committee chairman is putting his mark on the panel, shifting oversight of military intelligence to the purview of the full committee
Department of Defense (DoD) Cloud Computing Security Requirements Guide (SRG) (Defense Information Systems Agency) Cloud computing technology and services provide the Department of Defense (DoD) with the opportunity to deploy an Enterprise Cloud Environment aligned with Federal Department-wide Information Technology (IT) strategies and efficiency initiatives, including federal data center consolidation
DISA Shrinks Cybersecurity To Grow It (Breaking Defense) The day before Islamic radicals hijacked Central Command's Twitter account, the Defense Information Systems Agency officially launched a major overhaul intended, among other things, to increase cybersecurity
Alert: The Regulation of Virtual, Digital and Crypto-currencies (JDSupra Business Advisor) A virtual currency is "a digital representation of value that is neither issued by a central bank or public authority nor necessarily attached to a [fiat currency], but is used by … persons as a means of exchange and can be transferred, stored or traded electronically"
Shakeup at Secret Service; 4 executives reassigned (AP via KLTV) Four of the highest-ranking Secret Service executives have been reassigned following a series of security mishaps and scathing reports questioning leadership within the agency, the Secret Service said Wednesday
Government Demands for Verizon Customer Data Drop (Threatpost) The number of subpoenas, total orders and warrants that the United States government delivered to Verizon all dropped in the second half of 2014, according to the company's latest transparency report
Reddit user cracks The Pirate Bay secret code (HackRead) The Pirate Bay (TPB), an online index of digital contents that went down on Dec 9 after police raided its data center in Sweden, has been dropping hints that February 1 will be a grand day
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
ShmooCon (Washington, DC, USA, January 16 - 18, 2015) ShmooCon is an annual east coast hacker convention hell-bent on offering three days of an interesting atmosphere for demonstrating technology exploitation, inventive software and hardware solutions, and...
FloCon 2015 (Portland, Oregon, USA, January 12 - 15, 2015) FloCon is an open network security conference organized by Carnegie Mellon University
California Cybersecurity Task Force Quarterly Meeting (Walnut Creek, California, USA, January 20, 2015) The California Cyber Security Task Force serves as an advisory body to California's senior government administration in matters pertaining to Cyber Security. Quarterly Cybersecurity Task Force meetings...
FIC 2015 (Lille, France, January 20 - 21, 2015) The International Cybersecurity Forum (FIC) forms part of a thinking and exchange process that aims at promoting a pan-European vision of cybersecurity and strengthening the fight against cybercrime, a...
AppSec California (Santa Monica, California, USA, January 26 - 28, 2015) OWASP's AppSec California goes beyond "security for security's sake" bringing application security professionals and business experts together with the objective of sharing new information that helps get...
Data Privacy Day San Diego — The Future of IoT and Privacy (San Diego, California, USA, January 28, 2015) Join the Lares Institute, Morrison & Foerster, and the National Cyber Security Alliance for Data Privacy Day in San Diego. DPD San Diego will bring together privacy luminaries to discuss fundamental issues...
Cyber Threat Intelligence Summit (Washington, DC, USA, February 2 - 9, 2015) Join SANS for this innovative event as we focus on enabling organizations to build effective cyber threat intelligence analysis capabilities
Suits and Spooks (Washington, DC, USA, February 4 - 5, 2015) Suits and Spooks DC (Feb 4-5, 2015) is moving to the Ritz Carlton hotel in Pentagon City! We're expanding our attendee capacity to 200 and for the first time will be including space for exhibitors. We...
Nullcon 2015 (Goa, India, February 4 - 7, 2015) Nullcon discusses and showcases the future of information security, next-generation of offensive and defensive security technology as well as unknown threats
ICISSP 2015 (Angers, Loire Valley, France, February 9 - 11, 2015) The International Conference on Information Systems Security and Privacy aims at creating a meeting point of researchers and practitioners that address security and privacy challenges that concern information...
2015 Cyber Risk Insights Conference — London (London, England, UK, February 10, 2015) The cyber threat landscape is undergoing rapid change. Lloyd's and the London market are at the forefront of developing insurance products to address the evolving exposures of organizations throughout...
AFCEA West 2015 (San Diego, California, USA, February 10 - 12, 2015) Showcasing emerging systems, platforms, technologies and networks that will impact all areas of current and future Sea Service operations.
Cybersecurity: You Don't Know What You Don't Know (Birmingham, Alabama, USA, February 24 - 25, 2015) What: Connected World Conference in partnership with University of Alabama at Birmingham's Center for Information Assurance and Joint Forensics Research (The Center) have teamed up to bring professionals...