Malaysia Airlines says Lizard Squad didn't actually "hack" the carrier's website. Instead, a DNS compromise redirected traffic to a spoof site. The US Department of Homeland Security hints it's assisting in an investigation.
Islamist hackers continue to exhibit their curious predilection for striking provincial, poorly defended Western targets. Small-town USA's recently been hit, and this week Algerian hackers go after a horseback riding business in Yorkshire.
Lizard Squad claimed responsibility for a Facebook outage, but Facebook says no, their bad, the crash was due to an internal error.
Ars Technica reports on a GCHQ mobile tracking program graced with a demotic acronym. (It's demotic American, which ought to give pause to those offering glib attribution of operations on the basis of linguistic clues.) In other news, GCHQ may itself have fallen victim to a prank phone call.
Attacks exploiting a now patched Flash zero-day show significant layers of obfuscation.
In the US, the Super Bowl is said to be receiving considerable cyber protection. (Would that such security be extended to the NFL mobile app, an unencrypted "spear phisher's dream," as Ars Technica calls it.)
The upcoming OS X build is expected to patch Thunderstrike.
The cyber insurance market, while rapidly maturing, remains immature. Companies are advised to consider their cyber-terrorism policies closely.
Corporate cyber defense exercises are becoming more common.
China reiterates its intention to censor VPNs. New US Defense Department cyber plans are announced.
Facebook caves to Turkish government pressure: it will now screen Turkish users from "anti-Islamic" content.
Today's issue includes events affecting Algeria, Afghanistan, Australia, Austria, Belgium, Canada, China, European Union, Denmark, France, Germany, India, Iran, Ireland, Israel, Italy, Japan, Republic of Korea, Mexico, Netherlands, New Zealand, Norway, Pakistan, Russia, Saudi Arabia, Singapore, Spain, Sweden, United Kingdom, United States.
Cyber Attacks, Threats, and Vulnerabilities
Malaysia Airlines says website not hacked (CNBC) Malaysia Airlines claimed Monday that its website had not been hacked, refuting claims by hacker group "Lizard Squad," who appeared to have taken over the main page earlier in the day and made references to the Islamic State. The carrier admitted that its Domain Name System (DNS) has been compromised resulting in users being re-directed to a hacker website
US to look into hacking of MAS website? (Rakyat Post) A top US Department of Homeland Security official has told a newspaper that the department may look into the recent cyber attack on the Malaysia Airlines website
Facebook takes blame for service outages, which hit wider Web (Reuters) Access to Facebook (FB.O), the world's largest social network, and its Instagram photo-sharing site, were blocked around the world for up to an hour on Tuesday, which the company said later was due to an internal fault and not an outside attack
Spy Agency in Britain Falls Victim to a Prankster (New York Times) At a time when Western leaders are clamoring for greater powers to conduct covert surveillance, a prankster in Britain has turned the tables, obtaining a private cellphone number for a top intelligence chief and apparently telephoning the prime minister in his name, British officials acknowledged on Monday
Over a Decade and Still Running: Targeted Attack Tool Hides Windows Tasks (TrendLabs Threat Intelligence Blog) Our engineers were investigating a case involving a targeted attack when they came across a custom tool called vtask.exe. Once executed, vtask.exe hides Windows tasks in the current session. What's curious about this attacker-created tool is that it appears to have been compiled in 2002 — twelve years ago
Marriott Customers' Personal Details Exposed by Simple Web Flaw (Tripwire: the State of Security) Here's a piece of advice for anyone responsible for securing a corporation's data: If you discover security researcher Randy Westergren is using your app, you had best take a long hard look at whether you are protecting your users' information properly
Denial of Service Attacks in Wireless Networks (Northeastern University) Wired networks for data communication were considered to be faster than wireless networks. However technological advancements in wireless networks have disapproved the claims made by the proponents of wired networks. Wireless data networks use radio waves for data communication between devices
Security Patches, Mitigations, and Software Updates
Thunderstrike Patch Slated for New OS X Build (Threatpost) In addition to patching the three Project Zero vulnerabilities disclosed last week, Apple is apparently readying a fix for the Thunderstrike boot attack as well, something that will purportedly rid all Macs running Yosemite of the issue
Anti-Spoofing Decline 'Bad News' for Security (Light Reading) The past year has seen a huge spike in the number of large cyber attacks and many organizations look poorly equipped to cope with an incident, according to the latest Worldwide Infrastructure Security Report from Arbor Networks
Five myths (debunked) about security and privacy for Internet of Things (CSO) IoT has the potential to enable improvements to so many facets of life, the list is endless. Its primary advancement is enabling the interconnectedness of "things" and resulting insights and synergies. Yet that same connectedness raises concerns for security and privacy that must be addressed
How the Internet of Things impacts enterprise security (Help Net Security) A new study conducted by Atomik Research examined the impact that emerging security threats connected with the Internet of Things (IoT) have on enterprise security. Study respondents included 404 IT professionals and 302 executives from retail, energy and financial services organizations in the U.S. and U.K
Promoting good cyber hygiene (Australian Defence) The centre will help train and equip cyber security professionals, perform advanced analytics and serve as Boeing's regional cyber security centre of excellence. Boeing will hire and train cyber security professionals in Singapore to staff the centre
Venafi to Launch Certificate Transparency Log (Threatpost) Three weeks after the first non-Google public log for Certificate Transparency was launched by DigiCert, officials at Venafi said that the company plans to debut its own public CT log
Why we need cyber war games (ComputerWeekly) After a year of high-profile cyber attacks, the US and UK have agreed to set up a joint cyber squad and conduct a series of cyber "war games" to test each other's resilience — but will that really do any good?
Decrypting MSSQL Credential Passwords (NetSPI Blog) A while ago I posted a blog on how to decrypt SQL Server link passwords. By using the same technique it is possible to decrypt passwords for SQL Server Credentials as well. I modified the previously released password decryption script a little, namely by just changing the location where the encrypted passwords are stored, and released an updated PowerShell script for Credential decryption
5 things you can do to limit your exposure to insider threats (CSO) Target, Home Depot, Michael's, Dairy Queen, Sony…the list of major data breaches that have occurred over the last year or two is extensive. While most — if not all — of those attacks were a function of external hackers penetrating the network, authorized users inside the network still pose a more substantial threat
Business Forum: Companies need a detailed data breach battle plan (Minneapolis StarTribune) In this era of increasing data breaches and technological snafus, businesses are faced with the reality that their customers' personal information may be at risk. In addition to being prepared to take swift action in the event a breach occurs, businesses should also take proactive steps that will accelerate their ability to lessen the internal chaos and public relations nightmare that accompany many data breaches
Encrypted Messaging App Wickr Hides Behind Cats To Post Facebook Pics Privately (TechCrunch) Cat photos are some of the most popular images on the web today, and encrypted messaging service Wickr is tapping into that, along with one of the classic tricks of the spy trade called steganography, to launch a new service that marks its first foray into the wider world of social networking: a way to post Facebook photos from Wickr by hiding them behind pictures of cute kitties
What makes phishing emails so successful? (Help Net Security) According to the results of a study performed by researchers from the University at Buffalo, "information-rich" emails that alter the recipients' cognitive processes are mostly to blame for the success of phishing scams
Australia launches cyber-weapons in global counter-terrorist operations (Australian Financial Review) The frequency and severity of global cyber-attacks is rising rapidly and extending into outright cyber-war between states. And Australia is no innocent bystander, developing its own cyber-weapons, which we can reveal for the first time have been deployed in counter-terrorist operations overseas
Congress Should Refocus DHS on Crucial Cybersecurity Reforms (Heritage Foundation) Several weeks ago, President Barack Obama announced that the Department of Homeland Security (DHS) would provide work authorization and protection from deportation to as many as 5 million unlawful immigrants. While Heritage has written on the harm done by the President's executive actions to the U.S. immigration system and the rule of law, another serious side effect is the harmful redirection of attention and resources away from pressing homeland security issues ranging from terrorism to emergency preparedness to institutional reform at DHS
Marines' planning guidance highlights cyber, tech needs (C4ISR & Networks) The Marine Corps' recently released 36th Commandant's Planning Guidance is setting the tone for the future of Marine Corps operations, including growing emphasis on the cyber domain and tech-heavy training
Navy Information Dominance Forces holding establishment ceremony (DVIDS) Navy Information Dominance Forces (NAVIDFOR) Command will hold an establishment ceremony this Wednesday, Jan. 28, starting at 9 a.m. in the Information Dominance Corps' Heroes Auditorium at 112 Lake View Parkway aboard the DOD Complex in Suffolk, Virginia
Google asked to muzzle Waze 'police-stalking' app (Naked Security) GPS trackers on vehicles; stingray devices to siphon mobile phone IDs and their owners' locations; gunshot-detection sensors; license plate readers: these are just some of the types of surveillance technologies used by law enforcement, often without warrants
TSA over-classified parts of DHS IT security report on JFK airport, says IG (FierceHomelandSecurity) The Homeland Security Department's inspector general said Transportation Security Administration officials are unnecessarily concealing information in a new report that highlighted the vulnerabilities of security controls of DHS technology systems at John F. Kennedy International Airport
Police ransomware scam drives UK teen to suicide (Help Net Security) For most people, a ransomware infection is not a huge tragedy: they pay the bogus fine (or not), and ultimately get their computer back either because the criminals unlock it or because they clean up the machine themselves
Jury convicts Sterling of espionage in leak to New York Times (Biloxi SunHerald) A federal court jury on Monday found Jeffrey Sterling, a former CIA employee, guilty of espionage charges for leaking to The New York Times over a decade ago details of a secret U.S. attempt to slow Iran's development of nuclear weapons
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
Insider Threat Symposium & Expo (Laurel, Maryland, USA, March 31, 2015) The National Insider Threat Special Interest Group (NITSIG) announced that it will hold FREE 1 day Insider Threat Symposium & Expo (ITS&E) on March 31, 2015 in Laurel, Maryland. The symposium is exclusively...
1st Annual Billington Corporate Cybersecurity Summit (New York, New York, USA, May 27, 2015) Join Billington CyberSecurity's unparalleled network of cybersecurity professionals as they provide hard-earned insights and education to a high level and exclusive group of attendees from the corporate...
AppSec California (Santa Monica, California, USA, January 26 - 28, 2015) OWASP's AppSec California goes beyond "security for security's sake" bringing application security professionals and business experts together with the objective of sharing new information that helps get...
Financial Cryptography and Data Security 2015 (San Juan, Puerto Rico, USA, January 26 - 30, 2015) The goal of the conference is to bring security and cryptography researchers and practitioners together with economists, bankers, implementers and policy-makers. Intimate and colourful by tradition, the...
Data Privacy Day San Diego — The Future of IoT and Privacy (San Diego, California, USA, January 28, 2015) Join the Lares Institute, Morrison & Foerster, and the National Cyber Security Alliance for Data Privacy Day in San Diego. DPD San Diego will bring together privacy luminaries to discuss fundamental issues...
CSEAN Cyber Secure Nigeria 2015 Conference (Garki Abuja, Nigeria, January 29, 2015) The vast scope of cyber threats makes a compelling case for a multi-stakeholder collaboration in curbing domestic and International threat. "Cyber Secure Nigeria 2015" conference encapsulates various hot...
Data Connectors Los Angeles 2015 (Los Angeles, California, USA, January 29, 2015) The Los Angeles Tech-Security Conference features 25-30 vendor exhibits and several industry experts discussing current tech-security issues such as email security, VoIP, LAN security, wireless security,...
Transnational Organized Crime as a National Security Threat (Washington, DC, USA, January 29, 2015) United Kingdom's National Crime Agency Director General Keith Bristow will discuss transnational organized crime as a national security threat, focusing on economic and cyber crimes, and digging into the...
ISSA CISO Forum (Atlanta, Georgia, USA, January 29 - 30, 2015) Corporate Information Security and Legal programs must be closely aligned to be successful in today's world. Customer and vendor contracts require strong security language. Response to data breaches are...
NEDForum > London "What we can learn from the Darknet" (London, England, UK, January 30, 2015) The 2nd NED Forum event comes to London on Friday 30th January 2015, the day of the White Hat Ball. The event will focus on the Darknet and where it provides a rich source of learning that can be applied...
Cyber Threat Intelligence Summit (Washington, DC, USA, February 2 - 9, 2015) Join SANS for this innovative event as we focus on enabling organizations to build effective cyber threat intelligence analysis capabilities
ICSS 2015: International Cyber Security Strategy Congress (Leuven, Belgium, February 4 - 5, 2015) ICSS2015 will present the latest developments and thoughts in the field of cybercrime and cybersecurity and will be a unique gathering of cybercrime experts from all over the world. The objective of the...
Suits and Spooks (Washington, DC, USA, February 4 - 5, 2015) Suits and Spooks DC (Feb 4-5, 2015) is moving to the Ritz Carlton hotel in Pentagon City! We're expanding our attendee capacity to 200 and for the first time will be including space for exhibitors. We...
Nullcon 2015 (Goa, India, February 4 - 7, 2015) Nullcon discusses and showcases the future of information security, next-generation of offensive and defensive security technology as well as unknown threats
Salt Lake City Tech-Security Conference (Salt Lake City, Utah, USA, February 5, 2015) The Salt Lake City Tech-Security Conference features 25-30 vendor exhibits and several industry experts discussing current tech-security issues such as email security, VoIP, LAN security, wireless security,...
ICISSP 2015 (Angers, Loire Valley, France, February 9 - 11, 2015) The International Conference on Information Systems Security and Privacy aims at creating a meeting point of researchers and practitioners that address security and privacy challenges that concern information...
2015 Cyber Risk Insights Conference — London (London, England, UK, February 10, 2015) The cyber threat landscape is undergoing rapid change. Lloyd's and the London market are at the forefront of developing insurance products to address the evolving exposures of organizations throughout...
AFCEA West 2015 (San Diego, California, USA, February 10 - 12, 2015) Showcasing emerging systems, platforms, technologies and networks that will impact all areas of current and future Sea Service operations.
DEFCON | OWASP International Information Security Meet (Lucknow, India, February 22, 2015) Defcon | OWASP Lucknow International Information Security Meet is a combined meet of Defcon and OWASP Lucknow. Defcon Lucknow is a DEF CON registered convention for promoting, demonstrating & spreading...
10th Annual ICS Security Summit (Orlando, Florida, USA, February 22 - March 2, 2015) Attendees come to the Summit to learn and discuss the newest and most challenging cyber security risks to control systems and the most effective defenses. The Summit is designed so you leave with new tools...
Cybersecurity: You Don't Know What You Don't Know (Birmingham, Alabama, USA, February 24 - 25, 2015) What: Connected World Conference in partnership with University of Alabama at Birmingham's Center for Information Assurance and Joint Forensics Research (The Center) have teamed up to bring professionals...