Stories early this week suggest grounds for US confidence in its quick attribution of the Sony hack to the North Korean government: NSA may have seen the attack unfold. As Naked Security says, the US "had a front-row seat." That seat, if in fact it was occupied, seems not to have offered a clear view of battlespace preparation. (Reaction lacks the default tone of outrage NSA stories attract, almost as if the agency were witnessed carrying out a legitimate mission. Who knew?)
Weekend stories of Islamist hacktivism against French media sites in the wake of the Charlie Hebdo massacre may have been overblown — some reports now indicate apparent hacks may have been technical failures. Islamist information operations (largely diffuse Internet recruiting efforts) draw attention and concern from Ohio to Berlin to Pakistan. Independently, criminals co-opt the #JeSuisCharlie hashtag to spread malware.
The Chinese government is accused of a man-in-the-middle attack against Microsoft Outlook users. An old story — Chinese cyber theft of F-35 design information — also resurfaces. China denies the allegation, but it arouses fresh concerns in Australia and Japan.
Beware of bogus LinkedIn support messages, warns Symantec.
Lizard Squad may have over-reached with its DDoS-as-a-service offering: other hackers appear to have compromised their site. But other hired guns are out there: analysts look at a growing black market for espionage-as-a-service.
The UK and US plan closer cyber collaboration, and UK cyber firms seek US market share.
US President Obama is expected to propose cyber information sharing in tonight's State-of-the-Union address.
Today's issue includes events affecting Australia, China, European Union, France, Germany, Hungary, Japan, Democratic People's Republic of Korea, Republic of Korea, Malaysia, Nepal, Russia, Switzerland, United Arab Emirates, United Kingdom, United States.
Cyber Attacks, Threats, and Vulnerabilities
N.S.A. Breached North Korean Networks Before Sony Attack, Officials Say(New York Times) The trail that led American officials to blame North Korea for the destructive cyberattack on Sony Pictures Entertainment in November winds back to 2010, when the National Security Agency scrambled to break into the computer systems of a country considered one of the most impenetrable targets on earth
Reactions to NYT Story on North Korean Cyber Penetration(Lawfare) David Sanger and Martin Fackler write in the NYT that the NSA "drilled into the Chinese networks that connect North Korea to the outside world, picked through connections in Malaysia favored by North Korean hackers and penetrated directly into the North with the help of South Korea and other American allies"
'Islamist cyber-attack' on French publications proves untrue(domain-b) Several prominent French news websites remained unavailable on Friday for several hours in what was initially reported as a cyber-attack by Islamic groups, particularly in view of a warning by authorities of such attacks a day earlier
How Hackers Are Using #JeSuisCharlie To Spread Malware(Forbes) In the wake of the tragic shootings at the Charlie Hebdo offices in Paris last week, #JeSuisCharlie soon became a trending message of solidarity. But journalists aren't the only ones following these viral news events with interest. Malware organizations are quick to latch onto tragedy to spread malware, and they're getting better at it with each new disaster, according to research from Blue Coat security firm
The terrorist recruiter in your living room(USA TODAY) At first blush, the online magazine looks like any other slick electronic publication. The color graphics are eye-catching, the production values are good, and the layout could have been done by a design school grad
Islamic State group reaches for Afghanistan and Pakistan(AP via the Longview News-Journal) Afghanistan and Pakistan, home to al-Qaida and Taliban militants and the focus of the longest war in U.S. history, face a new, emerging threat from the Islamic State group, officials have told The Associated Press
This tool may make it easier for thieves to empty bank accounts(IDG via CSO) Banks and payment services are in a constant fight to detect account fraud, employing sophisticated ways to detect abnormal activities. One of those ways is "fingerprinting" a Web browser, or analyzing its relatively unique software stamp
Typosquatting abuse of 500 most popular websites analyzed(Help Net Security) A group of researchers from Belgian University of Leuven and US-based Stony Brook University have released the results of their months-long research of typosquatting abuse, and have discovered a number of interesting things
Cyber criminals targeting LinkedIn users, says Symantec(Financial Express) Cyber criminals are now targeting LinkedIn users by scamming them into sharing their credentials by sending out mails claiming to be from the support team of the world's largest professional networking firm, security software firm Symantec warned today
Mercenary Hacker Crews Offering Espionage-as-a-Service Are On The Rise(Digital Dao) Although the Sony attack was loud, damaging and hugely embarrassing to the company, the bigger threat is from mercenary hacker crews who steal billions of dollars of valuable technology secrets every year from U.S. companies on behalf of paying clients according to Jeffrey Carr, President and CEO of Taia Global, Inc
The TRIES Framework: Counter-Reconnaissance against EaaS Threat Actors(Taia Global) Intellectual property theft in the United States is estimated to cost US companies $300 billion per year. For most of this century, it has been believed that nation states are behind this type of cyber espionage, however, there is an under-reported threat actor (hacker groups for hire) who is willing to attack a company's network and cause damage or steal its crown jewels in exchange for very high fees paid by wealthy businessmen or corporate competitors. This has become known in the security world as Espionage-as-a-Service or "EaaS"
G DATA Publishes Analysis of Cyber-espionage Programs(PR Rocket) Security experts have been documenting the development of the Agent.BTZ malware for seven years. The latest disclosures and links lead to speculation that even more attacks can be expected in the future
Bulletin (SB15-019) Vulnerability Summary for the Week of January 12, 2015(US-CERT) The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information
Security Patches, Mitigations, and Software Updates
Microsoft Ends Support for Windows 7. What You Need to Know(Hot for Security) Two days ago the security world watched the official demise of one of the most popular Windows platforms, Windows 7. But what does it really mean and how does it impact users and organizations? Here is what you need to know
Cyber Security's "Infamous Five" of 2014(Cyactive) In the past year, the number and scope of mega-cyber breaches was so astonishing that it is difficult to crown a top offender in the category of "malware of the year." While rankings of worst breaches generally focus on the financial implications of given breaches or the headlines generated by hacks, it behooves those of us tasked with defending systems to note the ease with which malware is recycled for maximum impact
2015: When Things Get Serious(Infosec Institute) Let's start looking at the future of the IT Security landscape by reviewing the past. I made some predictions last year for InfoSec Institute. The article started off with a clever disclaimer that all subjects in the IT Security world are new and are still pioneering in their fields, so that anything can happen within a year
Secunia Country Reports(Secunia) The Secunia Country Reports tell you how much vulnerable software is present on private PCs in your country, plus a few extra, interesting facts
Risk modellers look to clarify cyber risk costs(Malaysian Insider) Even as the Sony Corp cyber attack laid bare the kinds of vulnerabilities that typically drive companies to buy insurance policies, the lack of a risk model for insurers means such protection is not always easy to get
G Data Internet Security 2015(PC Magazine) The main purpose of a security suite is to give you a single integrated source for all of your security needs. That's certainly better than having to deal separately with antivirus, firewall, spam filter, parental control, and so on. G Data Internet Security 2015 ($39.95 per year; $49.95 for three licenses) totally fills the bill. However, its components aren't all equally effective
R&K Cyber Solutions licenses ORNL malware detection technology(EurekAlert) Washington, D.C.-based R&K Cyber Solutions LLC (R&K) has licensed Hyperion, a cyber security technology from the Department of Energy's Oak Ridge National Laboratory that can quickly recognize malicious software even if the specific program has not been previously identified as a threat
Sesame: Mac Security In One Click(Clapway) If there's one major concern that exists in the workplace, it's making sure that your desktop computer is protected. Mac users can attest to this, with the sleep function not exactly a foolproof way to keep things secure. It can also be a slight drag if you're constantly entering your password to unlock your Mac whenever you have to leave your desk throughout the day. A new product from Atama, however, looks to alleviate those security concerns and in the process, provide a new twist on computer security
Bitdefender Box Could Make Antivirus Software Obsolete(JBG News) AntiVirus Software companies are always striving to provide you with the best protection for your tech gadgets. However, as we live in a world where almost everything in your home, including your toaster and washing machine, can connect to the Internet, it is a struggle to install an AntiVirus app on everything. With that in mind, Bitdefender has recently announced their first hardware product — the Bitdefender Box, aimed at the casual consumer
What's Going On With Microsoft Security Essentials?(Air Herald) For a long time, Microsoft Security Essentials was the go to software to protect your computer and rid it of viruses, malware and the like. Now it calls for more scrutiny to see if the software is up to specs in today's computing
Technologies, Techniques, and Standards
Actionable information for security incident response(ENISA) This document is intended as a good practice guide for the exchange and processing of actionable information. The report is relevant to incident response in all types of organizations, the primary audience of this study is national and governmental CERTs. The scope of the study is purposefully broad
Employee Threat Assessment Template for Large Organizations(Infosec Institute) Despite the popular image of the hacker cracking distant servers from his basement, studies show that people with legitimate access to your information pose an even bigger threat. And when information is stolen from within, it's often harder to trace and determine the extent of the problem
Fighting Cybercrime Doesn't Have to Cost a Fortune(Fiscal Times) In the wake of the latest high-profile hack of Sony and claims of "cyber-vandalism" being thrown about, it's normal to feel a sense of unease. Just this week, yet another proposal for new cybersecurity legislation has been made, and by the president no less
Has the time come to give up penetration testing?(Help Net Security) By carrying out 'white hat' attacks to identify potential entry points in the externally facing parts of an organization's IT network, such as its firewalls, email-servers or web-servers, pen testing can bring to light any existing security weaknesses. These potentially vulnerable external facing aspects, however, are rapidly increasing in number
The SOC Lone Ranger: Achieving More with Less(Infosecurity Magazine) It's not news that lack of budget and resources when it comes to IT security are common problems within organizations. The question we are facing now, when hit with the cold, hard reality that a quick fix is unlikely, is how to work around the limitations of a small security team. And it is not so bleak as it may seem; there are several key factors that contribute to the success of small security teams: knowing your environment, good communications skills, automation, setting a routine and taking advantage of threat sharing
Attacking Android Applications With Debuggers(NetSPI Blog) In this blog, I am going to walk through how we can attach a debugger to an Android application and step through method calls by using information gained from first decompiling it. The best part is, root privilege is not required
Design and Innovation
DHS Investment Into Solutions Could Impact Commercial Market(Business Solutions) The Department of Homeland Security's (DHS) Science and Technology (S&T) Directorate has invested billions of dollars in development and transitioning of research projects into viable commercial solutions for first responders and network operators
Can Artificial Intelligence Change Cyber Security?(Bloomberg) Linkdex Co-Founder John Straw discusses cyber security, artificial intelligence and the future of technology. He speaks with Francine Lacqua and Guy Johnson on Bloomberg Television's "The Pulse"
Vendors Focus on Docker Security(EnterpriseTech) While it's unclear so far whether Docker containers will make much of a dent this year in the datacenter, vendors continue to announce support for the open platform designed to automate the deployment of cloud applications in secure software containers
After The Social Web, Here Comes The Trust Web(TechCrunch) The bitcoin train is really made up of two revolutions in one: money and finance, based on the bitcoin protocol, and exploiting the "currency programmability" aspects; and decentralized applications, based on the blockchain's distributed technology capabilities
Europe pivots between safety and privacy online(Christian Science Monitor) European countries lead a push for the right to anonymity in the Digital Age. But, in the wake of terrorist shootings in France, calls for greater surveillance rise, too
France attacks reinvigorate privacy versus security debate(AP via the Longview News-Journal) President Barack Obama argued Friday that a resurgent fear of terrorism across Europe and the United States should not lead countries to overreact and shed privacy protections, even as British Prime Minister David Cameron pressed for more government access to encrypted communications used by U.S. companies
Cyber security emergency response team formed(eKantipur) A group of Nepali Information Technology (IT) experts have established "Information Technology Security Emergency Response Team Nepal" (ITSERT-NP) that will counter risks in the cyberspace
Obama to Highlight Cybersecurity Proposals in State of the Union(Voice of America) In his State of the Union address Tuesday night, President Barack Obama is expected to focus on several new cybersecurity and privacy proposals recently announced by the White House. The measures call for greater information sharing between the federal government and private companies, and new security initiatives to prevent high-profile hacks
How the White House Wants to Share Cyber Threat Info(Health Data Management) Legislative language the White House has sent to Congress for consideration is an attempt to set the ground rules for making it easier for industries across the nation to share cyber threat information
Outpacing the Government: The 30-Day Rule in a Zero-Day Culture(Wired) The U.S. government is notoriously slow — anyone who's ever participated in jury duty knows this. But in the wake of recent data security breaches at Target and Sony Pictures Entertainment, President Obama recently publicized new legislation that will require corporations to notify customers within 30 days of any possible data breaches
Governments Struggle to Respond to Hackers(Defense News) The North Korean cyber hit on the network of Sony Entertainment in November is hardly the first state-sponsored bit of corporate hacking to strike the US or its allies, and experts say it is likely a harbinger of things to come
White House's Sweeping Cybersecurity Package Already Sparks Debate(TechZone360) Against the backdrop of a seemingly never-ending spate of data breaches, the White House made a renewed push this week for better cybersecurity legislation, asking the new Congress to consider a comprehensive measure that addresses three major buckets of concern, including the Personal Data Notification and Protection Act (PDNPA), which would be the first federal standard for data breach notification. The proposal also addresses modernizing law enforcement to better combat cybercrime, and increased cybersecurity information sharing
Obama's Cybersecurity Plan: Do As I Say, Not As I Do(Huffington Post) "If we're going to be connected, then we need to be protected," President Obama proclaimed at the Federal Trade Commission on Monday. In wide-ranging remarks, the president expressed what should be a self-evident truth, but is not yet a reality in the new digital age: "As Americans, we shouldn't have to forfeit our basic privacy when we go online to do our business"
President Obama Is Waging a War on Hackers(Wired) In next week's State of the Union address, President Obama will propose new laws against hacking that could make either retweeting or clicking on the above (fictional) link illegal
Cyber Security Proposals Threaten Privacy(Wall Street Daily) In the name of fighting against cyber attacks, Barack Obama wants to change the rules that protect your personal data. You see, the real motherlode of data on Americans currently sits in private hands
White House: CIA Shouldn't Be Punished for "Inappropriate" Access of Senate Computers(Slate) In July 2014 an internal CIA investigation found that the agency "improperly accessed" computers being used by the Senate Select Committee on Intelligence, or SSCI, to prepare what's become known as "the torture report" on post-9/11 interrogation practices. In plain English, you could say that the CIA (which is part of the executive branch) was found to have spied on the Senate (which is part of the legislative branch). At the time, President Obama said such actions "showed very poor judgment." Politico's Josh Gerstein reports that the White House now seems to be reversing its position on the issue, endorsing the newly released report of an "accountability board" that defends the CIA's actions fairly aggressively and recommends no one be disciplined over the incident
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
Financial Cryptography and Data Security 2015(San Juan, Puerto Rico, USA, January 26 - 30, 2015) The goal of the conference is to bring security and cryptography researchers and practitioners together with economists, bankers, implementers and policy-makers. Intimate and colourful by tradition, the...
CSEAN Cyber Secure Nigeria 2015 Conference(Garki Abuja, Nigeria, January 29, 2015) The vast scope of cyber threats makes a compelling case for a multi-stakeholder collaboration in curbing domestic and International threat. "Cyber Secure Nigeria 2015" conference encapsulates various hot...
Data Connectors Los Angeles 2015(Los Angeles, California, USA, January 29, 2015) The Los Angeles Tech-Security Conference features 25-30 vendor exhibits and several industry experts discussing current tech-security issues such as email security, VoIP, LAN security, wireless security,...
Transnational Organized Crime as a National Security Threat(Washington, DC, USA, January 29, 2015) United Kingdom's National Crime Agency Director General Keith Bristow will discuss transnational organized crime as a national security threat, focusing on economic and cyber crimes, and digging into the...
ISSA CISO Forum(Atlanta, Georgia, USA, January 29 - 30, 2015) Corporate Information Security and Legal programs must be closely aligned to be successful in today's world. Customer and vendor contracts require strong security language. Response to data breaches are...
NEDForum > London "What we can learn from the Darknet"(London, England, UK, January 30, 2015) The 2nd NED Forum event comes to London on Friday 30th January 2015, the day of the White Hat Ball. The event will focus on the Darknet and where it provides a rich source of learning that can be applied...
California Cybersecurity Task Force Quarterly Meeting(Walnut Creek, California, USA, January 20, 2015) The California Cyber Security Task Force serves as an advisory body to California's senior government administration in matters pertaining to Cyber Security. Quarterly Cybersecurity Task Force meetings...
FIC 2015(Lille, France, January 20 - 21, 2015) The International Cybersecurity Forum (FIC) forms part of a thinking and exchange process that aims at promoting a pan-European vision of cybersecurity and strengthening the fight against cybercrime, a...
AppSec California(Santa Monica, California, USA, January 26 - 28, 2015) OWASP's AppSec California goes beyond "security for security's sake" bringing application security professionals and business experts together with the objective of sharing new information that helps get...
Data Privacy Day San Diego — The Future of IoT and Privacy(San Diego, California, USA, January 28, 2015) Join the Lares Institute, Morrison & Foerster, and the National Cyber Security Alliance for Data Privacy Day in San Diego. DPD San Diego will bring together privacy luminaries to discuss fundamental issues...
Cyber Threat Intelligence Summit(Washington, DC, USA, February 2 - 9, 2015) Join SANS for this innovative event as we focus on enabling organizations to build effective cyber threat intelligence analysis capabilities
Suits and Spooks(Washington, DC, USA, February 4 - 5, 2015) Suits and Spooks DC (Feb 4-5, 2015) is moving to the Ritz Carlton hotel in Pentagon City! We're expanding our attendee capacity to 200 and for the first time will be including space for exhibitors. We...
Nullcon 2015(Goa, India, February 4 - 7, 2015) Nullcon discusses and showcases the future of information security, next-generation of offensive and defensive security technology as well as unknown threats
ICISSP 2015(Angers, Loire Valley, France, February 9 - 11, 2015) The International Conference on Information Systems Security and Privacy aims at creating a meeting point of researchers and practitioners that address security and privacy challenges that concern information...
2015 Cyber Risk Insights Conference — London(London, England, UK, February 10, 2015) The cyber threat landscape is undergoing rapid change. Lloyd's and the London market are at the forefront of developing insurance products to address the evolving exposures of organizations throughout...
AFCEA West 2015(San Diego, California, USA, February 10 - 12, 2015) Showcasing emerging systems, platforms, technologies and networks that will impact all areas of current and future Sea Service operations.
Cybersecurity: You Don't Know What You Don't Know(Birmingham, Alabama, USA, February 24 - 25, 2015) What: Connected World Conference in partnership with University of Alabama at Birmingham's Center for Information Assurance and Joint Forensics Research (The Center) have teamed up to bring professionals...