Daily briefing.

The US FBI has warned businesses to beware of new cyber espionage campaigns emanating from China (some of them are exploiting the recently patched Flash vulnerabilities).

Coincidentally or not, China turns the screws on Western — particularly US — IT firms, asking them to supply source code, submit to intrusive security inspections, and install backdoors if they hope to sell to Chinese banks. (Apple may be particularly affected.)

Kaspersky and others continue to focus on Britain's GCHQ as the author of Regin spyware. (Snowden documents deliver a separate poke to another of the Five Eyes with allegations of global Internet surveillance by Canada's CSE.)

The ZeroAccess botnet is back and freshly equipped with click-fraud functionality. Cutwail's botmasters also show some new tricks, distributing the Dyre banking Trojan in short-burst spam "blitzes."

Linux vendors patch GHOST, but worries of Internet "collateral damage" persist.

LIFARS claims it's found privacy vulnerabilities in both Chrome and Firefox.

FreeBSD patches code execution and memory flaws in its kernel code.

Security experts study real and ramified costs of attacks: data breaches ("a personal nightmare" for security officers) and denial-of-service attacks (damage quantified) are analyzed.

The Gnomes of Zurich are staking out a corner of cyberspace: as international banking becomes less private, Swiss bankers turn their expertise to data security.

The Internet-of-Things draws regulators' attention in the US and UK.

Why does Iran hack? To enhance its regional power.

No, the FBI is not opening a dating service for skids, but one Special Agent thinks, hey, that's a thought.


Today's issue includes events affecting Australia, Brazil, Canada, China, Estonia, Finland, Germany, India, Iran, Italy, Japan, Republic of Korea, New Zealand, Romania, Russia, Taiwan, Ukraine, United Kingdom, United States, and Venezuela.

Cyber Attacks, Threats, and Vulnerabilities

Businesses warned about new espionage campaigns from China (CSO) FBI memo references zero-day vulnerabilities in Adobe Flash as just one of the tools used by the group out of China

Cyber sleuths find 'smoking gun' linking British spy agency to Regin malware (Mashable) Ever since the sophisticated and unprecedented cyberattack platform called "Regin" was uncovered in November, cyber sleuths have been working hard to put together all the pieces of this complicated puzzle

ZeroAccess botnet 'reloaded' again with click-fraud activity (Security Affairs) The Dell SecureWorks Counter Threat Unit (CTU) research team observed the ZeroAccess botnet resume again with click-fraud activity

Dyre Banking Trojan Delivered to Millions via Blitz Spam Attacks (Softpedia) The operators of the Cutwail spam botnet have changed their tactics and started to send the malicious emails in bursts of just a few minutes, targeting millions of users in one charge

New Linux Bug Could Cause "a Lot of Collateral Damage on the Internet" (Gizmodo) Linux users around the world are scrambling to update their operating systems, as a new flaw known as GHOST has been shown to have the potential to cause "a lot of collateral damage on the Internet"

Reactions to the serious vulnerability found in Glibc (Help Net Security) The Qualys security research team has found a critical vulnerability in the Linux GNU C Library (glibc), that allows attackers to remotely take control of an entire system without having any prior knowledge of system credentials

D-Link routers vulnerable to DNS hijacking (Help Net Security) At least one and likely more D-Link routers as well as those of other manufacturers using the same firmware are vulnerable to remote changing of DNS settings and, effectively, traffic hijacking, a Bulgarian security researcher has discovered

Multiple vulnerabilities in the FreeBSD kernel code (Help Net Security) Francisco Falcon from the Core Exploit Writers Team found multiple vulnerabilities in the FreeBSD kernel code that implements the vt console driver (previously known as Newcons) and the code that implements SCTP sockets

Serious Flaw Affecting Chrome and Firefox Can Reveal Your Private and Public IP Address (LIFARS) A new JavaScript code can reveal all your Public and Private IPs to servers you're accessing. These requests are not stoppable by privacy and adware plugins, such as Ghostery or Adblock

RansomWeb: Crooks Start Encrypting Websites And Demanding Thousands Of Dollars From Businesses (Forbes) In another startling development in the world of cyber crime, malicious hackers have started taking over website servers, encrypting the data on them and demanding payment to unlock the files. A large European financial services company, whose name was not disclosed, was the first known victim of this potentially business-destroying attack, according to Swiss security firm High-Tech Bridge, which investigated the breach in December 2014

Security Patches, Mitigations, and Software Updates

Linux distrib vendors make patches available for GHOST ( Qualys said on Tuesday that there was a serious weakness in the Linux glibc library. During a code audit, Qualys researchers discovered a buffer overflow

FreeBSD Patches Code Execution, Memory Corruption Bugs (Threatpost) Developers behind the operating system FreeBSD patched a handful of vulnerabilities in its kernel code yesterday that could have enabled an attacker to crash the system, execute arbitrary code, or disclose sensitive kernel memory

Cyber Trends

Global Cyber Defense Demand Will Exceed Capability for Years To Come (Defense One) While the spate of recent cyber attacks against Finland, Germany, Ukraine, and U.S. Central Command has governments worrying about how to combat cyberwarfare, Singapore just took a rare radical step towards doing so. On Tuesday, Prime Minister Lee Hsien Loong's office announced the creation of the Cyber Security Agency of Singapore, which "will provide dedicated and centralised oversight of national cyber security functions." Given the sinister ways in which cyber threats are evolving, the move is a necessary step for a wired, wealthy nation that has long been the target of cyber crime

Breaches are a personal nightmare for corporate security pros (Network World) A data compromise opens up a world of legal and regulatory troubles

How much can a DDoS attack cost your organization? (Help Net Security) A DDoS attack on a company's online resources might cause considerable losses — with average figures ranging from $52,000 to $444,000 depending on the size of the company. For many organizations, these expenses have a serious impact on the balance sheet as well as harming the company's reputation due to loss of access to online resources for partners and customers

Energy Data Privacy Risks: What You Don't Know Can Hurt You (Energy Collective) Wednesday is Data Privacy Day in the USA, and it should receive heightened awareness after the recent Sony Pictures cyberattack. While media attention focused on cybersecurity weaknesses, privacy is the natural consequence of good cybersecurity. Security — cyber and physical — is a strategy that ensures a privacy outcome

Data Security Policies Are Improving, but Risks Keep Rising (eWeek) More than half (51 percent) of the organizations surveyed maintain multiple data protection policies, a Lumension report finds

Cybercrime, hacking a worry for SMBs (IT-Online) Cybercrime costs the global economy $445-billion annually, and cyber espionage and stealing personal information is believed to have affected more than 800-million people during 2013

Threats and technologies of a shifting data security landscape (Help Net Security) With every email now a target and every piece of data at risk, the need for data protection maturity has never been higher. According to a new study released by Lumension, IT security departments are responding with better policies, improved technology approaches and financial commitment

How important is online privacy? (Help Net Security) Consumer online privacy concerns remain extremely high with 92 percent of American internet users worrying to some extent about their privacy online


Enterprises turning to managed services for IT security support (ZDNet) Enterprises are shifting towards managed services because they are unable to fill the skills they need within their IT security team

China's Strict New Security Laws Are Bad News For Apple (Business Insider) China is introducing strict new rules for technology companies that want to sell their products to Chinese banks, The New York Times reports — stoking fears of a crackdown that could harm American businesses

Switzerland Is Cashing In On Hacking Paranoia By Marketing Itself As A Safe Haven For Storing Data (Business Insider) Switzerland, facing an erosion of the banking secrecy laws that helped make it the world's banker, is now touting its reputation as a safe and stable haven to become a global data vault

Cyber security accelerator programme launches in London (Financial Times) Europe's first business accelerator programme focused on cyber security has been launched in London, with backers aiming to tap into the technology start-up scene and build on links with the UK government

UK start-ups look to cash in on cyber-security (SC Magazine) As news breaks of the UK's first accelerator for cyber-security start-ups, experts say that local firms could take advantage of a worldwide trend — being safe online

Silicon Safe Targets US Cyber Security Market (Business Weekly) Another cyber security company from the Cambridge UK technology hotspot is blazing a trail towards the lucrative US market

Japan sees 12.8 billion cyber attacks a year. This Israeli company wants to help (Tech in Asia) From today, Votiro, an Israeli cyber-security startup launches in Japan. The island nation's pacifism has kept it out of war zones for nearly seventy years, but the online world presents a different battlefield

How Startup Surfwatch Is Waging War against Cybercriminals (DCInno) As Sony may reluctantly tell you, cybersecurity is a sector where there is massive demand but a shortage of supply — and slow development. SurfWatch Labs, formerly named HackSurfer, is a Sterling, Virginia-based cybersecurity startup that is working to bridge that gap between business executives and their cyber defense teams

Check Point set for A/NZ hiring binge (ARN) Vendor launches new channel program for A/NZ partners

KEYW Holding Corp. Rating Lowered to Underperform at Zacks (KEYW) (The Legacy) KEYW Holding Corp. (NASDAQ:KEYW) was downgraded by Zacks from a "neutral" rating to an "underperform" rating in a research note issued on Wednesday. They currently have a $9.00 price target on the stock. Zacks's price target suggests a potential downside of 5.36% from the company's current price

NSFOCUS Evaluated in Gartner Competitive Landscape: DDoS Mitigation Solutions (Hosting News) The DDoS threat landscape is growing at an unprecedented volume and rate. NSFOCUS, a global provider of DDoS mitigation solutions and services announced today that it has been included in Gartner's Competitive Landscape: DDoS Mitigation Solutions report

Products, Services, and Solutions

KT and Qualcomm join forces to develop LTE-based IoT security gateway (WhoWiredKorea) KT and Qualcomm have agreed to join forces in developing an LTE-based security gateway solution converging IoT technologies

Vodafone unwraps anti-snooping app for businesses (ZDNet) Vodafone has joined Deutsche Telekom in offering an encrypted comms app for German corporates

AVG Tied for Best Free Antivirus Software (JBG News) The tech world is full of different websites and publications that offer their own opinions on whether or not a particular piece of software or new gadget is worth the consumer's time. However, only you can really make that choice, but it doesn't hurt to get a second opinion. According to Geek Snack, AVG is currently tied with Avira for the very best free antivirus software available for you to download right now

Lastline Emulating its Way to Security Breach Detection Success (Internet News) The Lastline platform provides a full-system emulation approach to detecting malware and potential breach risks. At the core of the platform, Lastline leverages the open-source QEMU (Quick EMUlator) emulator, which, according to Kirda, Lastline has heavily modified and extended

N-Dimension Alerts Utilities to Cyber Attacks Before Hackers Cause Havoc (Sys-Con Media) N-Dimension, the leader in innovative cybersecurity products protecting distributed smart energy networks from cyber attacks, today announces introduction of N-Sentinel. N-Sentinel is a continuous cybersecurity monitoring and alerting solution optimized for utilities

ThreatMetrix Delivers Frictionless Authentication for Financial Institutions to Minimize Costly Multi-Factor Authentication and Improve the Online Customer Experience (PRWeb) ThreatMetrix offers alternatives to RSA's outdated adaptive authentication through its risk-based authentication solution

Checkmarx Introduces CxRASP to Secure Applications During Run-Time (Herald Online) When combined with existing Checkmarx products, CxRASP ensures complete application security from development to production

WatchGuard Firebox T10-W (PC Pro) The T10-W delivers joined-up security for wired and wireless networks at a price small businesses will love

G Data Total Security 2015 (PC Magazine) Some years ago I started using the term "mega-suite" for a product that adds useful security tools over and above those found in the same vendor's entry-level security suite

Elcomsoft iOS Forensic Toolkit Adds Acquisition Support for iOS 8 Devices, Extracts Apple ID and Password (Sys-Con Media) ElcomSoft Co. Ltd. updates iOS Forensic Toolkit, adding physical acquisition support for 32-bit iOS 8 devices. Physical acquisition support is now available for iOS 8 devices including iPhone 4S, 5 and 5C, iPad 2 through 4, the original iPad Mini, and iPod Touch 5th gen. In addition, the new release extracts Apple ID and password (if available), enabling real-time acquisition of iCloud backups via a separate tool

Coalfire Receives Accreditation from ANAB as ISO 27001 Certification Body (Fort Mill Times) Coalfire, a leading global provider of cyber risk management and compliance solutions, announced accreditation of its subsidiary, Coalfire ISO, Inc. by the ANSI-ASQ National Accreditation Board (ANAB) to certify organizations to the ISO 27001 Information Security Standard. Coalfire is one of less than a handful of North American organizations that have achieved this prestigious accreditation from ANAB

Technologies, Techniques, and Standards

Who runs an anti-virus scan these days? Apparently almost nobody (TechWorld) The traditional anti-virus scan seems to be close to extinction, with barely one in ten PC users bothering to run them regularly, or at all, according to the latest analysis from security firm OPSWAT

Guidance to improve risk management and IoT (Help Net Security) As connected devices infiltrate the workplace — some with IT's knowledge and some without — both value and risk can increase significantly. ISACA has released new guidance urging companies to ask nine critical questions as they grapple with the Internet of Things (IoT)

DAws — Advanced Web Shell (Windows/Linux) (Kitploit) There are multiple things that make DAws better than every Web Shell out there

The most cyber-attacked city is a model town (Panda Security) There's a city in a secret place in the state of New Jersey where the public services are always a mess. Power cuts, water supply problems and even Internet outages. Then add to that banks, stores, hospitals, schools and public transport that can't operate normally on a daily basis because their security is continually compromised. In this city however no human being has to suffer any of the consequences. Nobody lives there: the city is just 1.8 m wide by 2.4 m long

10 tips to secure your iPhone (CSO) No more is it enough to think that securing your iPhone with a simple 4 digit PIN is adequate

How Learning Defends Against Hackers (Chief Learning Officer) Don't neglect the opportunity to develop in-house security capabilities

7 ideas for security leaders (CSO) Seven inspiring ideas for small changes that lead to big improvements in both security posture and leadership in the next few weeks

Context (& Quality) Is King with Threat Intelligence (Sys-Con Media) As an industry, we need to work together to understand threat data better

FTC report on IoT calls for update to HIPAA standards (FierceHealthIT) A Federal Trade Commission report on how to reduce the security and privacy risks for consumers posed by the Internet of Things (IoT) has drawn criticism, even by one of the FTC's own commissioners

Design and Innovation

The Passwordless Experience is set to transform the way we pay (Finextra) As security breaches continue to grab headlines, I was intrigued by new claims that not only could online security be improved for consumers, but it could actually become a more delightful user experience. The launch of Apple Pay has proven to us that this is possible

Research and Development

US Military wants to replace passwords with "cognitive fingerprints" (Naked Security) Researchers at the US military's elite West Point military academy have been awarded a multi-million dollar contract to produce a new identity verification system based on users' behaviour

Legislation, Policy, and Regulation

New Rules in China Upset Western Tech Companies (New York Times) The Chinese government has adopted new regulations requiring companies that sell computer equipment to Chinese banks to turn over secret source code, submit to invasive audits and build so-called back doors into hardware and software, according to a copy of the rules obtained by foreign technology companies that do billions of dollars' worth of business in China

China puts cybersecurity squeeze on US technology companies (Guardian) American business lobbies protest over edict to reveal software source code and use encryption dictated by Beijing

Why Iran Hacks (Dark Reading) Iran is using its increasingly sophisticated cyber capabilities to minimize Western influence and establish itself as the dominant power in the Middle East

Snowden files show Canada spy agency runs global Internet watch: CBC (Reuters) Canada's electronic spy agency has been intercepting and analyzing data on up to 15 million file downloads daily as part of a global surveillance program, according to a report published on Wednesday

Internet of Things: Governments start to take a closer look (ZDNet) Ofcom and the FTC are the latest government agencies to start work on their strategies for, and responses to, the IoT

Senate panel begins crafting cybersecurity bill (USA TODAY) A key Senate panel took the first step Wednesday toward crafting legislation to give businesses greater incentives to share information about cyber threats with the federal government

The Next Step in the Cybersecurity Plan (Armed with Science) Continuing an effort to help defend the nation's computer-connected systems, President Barack Obama announced additional steps that call for more information sharing, modernized law enforcement and updated security data breach reporting

Obama data security laws fail to address business uncertainty (TechTarget) President Barack Obama has introduced proposals for data security, but not everyone thinks they will address key questions for businesses

Security Experts Unite to Rewrite Proposed Cyber Laws (Security Week) It didn't take long for information security professionals to take to Twitter, blogs, and social media to blast the latest White House proposals for cybersecurity legislation. A small group of civic-minded professionals are calling on the industry to stop complaining and actually do something about it

Retailers Reiterate Support for Federal Data Breach Notification Standards (National Retail Federation) Law should cover all entities that maintain personal information

Lynch vows to 'expand and enhance' DOJ's cyber work (The Hill) Loretta Lynch, President Obama's nominee for attorney general, pledged on Wednesday to bolster the Justice Department's cybersecurity work if she is confirmed by the Senate

Spy panel shakeup will add focus on cyber, CIA (The Hill) The House Intelligence Committee is shaking up its structure to put a new focus on cybersecurity and the CIA, among other areas

Joe Demarest of The FBI Inducted Into Wash100 for Cyber Leadership (GovConExec) Executive Mosaic is honored to introduce Joe Demarest, assistant director of the FBI's cyber division, as the newest inductee into the Wash100

Litigation, Investigation, and Law Enforcement

Facebook vs 25,000 users — privacy class action lawsuit has initial hearing date set (Naked Security) An Austrian court has given the go ahead to a class action lawsuit brought against Facebook for alleged privacy violations across Europe

Hotels that block personal Wi-Fi hotspots will get busted, says FCC (Naked Security) The US Federal Communications Commission (FCC) didn't mince its words: hotels that block Wi-Fi are breaking the law

FBI agent reportedly says the only way to beat Anonymous 'is to get them all girlfriends' (Fusion) During a presentation for Data Protection Day in Europe, FBI special agent Chuck Esposito apparently made light of the most obvious hacker stereotype — that all hackers are lonely, misanthropic nerds — according to a tweet by Christian Svanberg, a Copenhagen-based privacy lawyer

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

2015 Community College Cyber Summit (3CS) (North Las Vegas, Nevada, USA, June 17 - 19, 2015) The second annual Community College Cyber Summit (3CS), hosted by the College of Southern Nevada, is organized and produced by the five cybersecurity-related Advanced Technological Education (ATE) centers...

Upcoming Events

Financial Cryptography and Data Security 2015 (San Juan, Puerto Rico, USA, January 26 - 30, 2015) The goal of the conference is to bring security and cryptography researchers and practitioners together with economists, bankers, implementers and policy-makers. Intimate and colourful by tradition, the...

CSEAN Cyber Secure Nigeria 2015 Conference (Garki Abuja, Nigeria, January 29, 2015) The vast scope of cyber threats makes a compelling case for a multi-stakeholder collaboration in curbing domestic and International threat. "Cyber Secure Nigeria 2015" conference encapsulates various hot...

Data Connectors Los Angeles 2015 (Los Angeles, California, USA, January 29, 2015) The Los Angeles Tech-Security Conference features 25-30 vendor exhibits and several industry experts discussing current tech-security issues such as email security, VoIP, LAN security, wireless security,...

Transnational Organized Crime as a National Security Threat (Washington, DC, USA, January 29, 2015) United Kingdom's National Crime Agency Director General Keith Bristow will discuss transnational organized crime as a national security threat, focusing on economic and cyber crimes, and digging into the...

ISSA CISO Forum (Atlanta, Georgia, USA, January 29 - 30, 2015) Corporate Information Security and Legal programs must be closely aligned to be successful in today's world. Customer and vendor contracts require strong security language. Response to data breaches are...

NEDForum > London "What we can learn from the Darknet" (London, England, UK, January 30, 2015) The 2nd NED Forum event comes to London on Friday 30th January 2015, the day of the White Hat Ball. The event will focus on the Darknet and where it provides a rich source of learning that can be applied...

Cyber Threat Intelligence Summit (Washington, DC, USA, February 2 - 9, 2015) Join SANS for this innovative event as we focus on enabling organizations to build effective cyber threat intelligence analysis capabilities

ICSS 2015: International Cyber Security Strategy Congress (Leuven, Belgium, February 4 - 5, 2015) ICSS2015 will present the latest developments and thoughts in the field of cybercrime and cybersecurity and will be a unique gathering of cybercrime experts from all over the world. The objective of the...

Suits and Spooks (Washington, DC, USA, February 4 - 5, 2015) Suits and Spooks DC (Feb 4-5, 2015) is moving to the Ritz Carlton hotel in Pentagon City! We're expanding our attendee capacity to 200 and for the first time will be including space for exhibitors. We...

Nullcon 2015 (Goa, India, February 4 - 7, 2015) Nullcon discusses and showcases the future of information security, next-generation of offensive and defensive security technology as well as unknown threats

Salt Lake City Tech-Security Conference (Salt Lake City, Utah, USA, February 5, 2015) The Salt Lake City Tech-Security Conference features 25-30 vendor exhibits and several industry experts discussing current tech-security issues such as email security, VoIP, LAN security, wireless security,...

ICISSP 2015 (Angers, Loire Valley, France, February 9 - 11, 2015) The International Conference on Information Systems Security and Privacy aims at creating a meeting point of researchers and practitioners that address security and privacy challenges that concern information...

2015 Cyber Risk Insights Conference — London (London, England, UK, February 10, 2015) The cyber threat landscape is undergoing rapid change. Lloyd's and the London market are at the forefront of developing insurance products to address the evolving exposures of organizations throughout...

AFCEA West 2015 (San Diego, California, USA, February 10 - 12, 2015) Showcasing emerging systems, platforms, technologies and networks that will impact all areas of current and future Sea Service operations.

Cybergamut Technical Tuesday: An Hour in the Life of a Cyber Analyst (Hanover, Maryland, USA, February 17, 2015) Workshop Description: This hands-on workshop will demonstrate how easy it is for a breach to occur by analyzing a virtualized web server environment. Participants will use open source tools such as port...

DEFCON | OWASP International Information Security Meet (Lucknow, India, February 22, 2015) Defcon | OWASP Lucknow International Information Security Meet is a combined meet of Defcon and OWASP Lucknow. Defcon Lucknow is a DEF CON registered convention for promoting, demonstrating & spreading...

10th Annual ICS Security Summit (Orlando, Florida, USA, February 22 - March 2, 2015) Attendees come to the Summit to learn and discuss the newest and most challenging cyber security risks to control systems and the most effective defenses. The Summit is designed so you leave with new tools...

Cybersecurity: You Don't Know What You Don't Know (Birmingham, Alabama, USA, February 24 - 25, 2015) What: Connected World Conference in partnership with University of Alabama at Birmingham's Center for Information Assurance and Joint Forensics Research (The Center) have teamed up to bring professionals...

NEDForum: Cyber Network Exploitation and Defence: "Darknet & the Primordial Soup of Cyber Crime" (Edinburgh, Scotland, UK, February 27, 2015) Speakers will cover such topics as: "Fear and loathing on Darknet," (Greg Jones, Managing Consultant, Digital Assurance), "Securing the internet of everything" (Rik Ferguson, Global Vice President Security...
