Those curious about how terrorist organizations establish persistent networks will find Perspectives on Terrorism's study interesting.
This week's outages at the New York Stock Exchange and United Airlines remain under investigation, but the emerging consensus is that they were unrelated and not the result of an attack. (Complex systems do fail, and their very complexity can, in effect, constitute a vulnerability, as discussions of ERP systems suggest.) The incidents have pumped up the valuations of some cyber security stocks.
The OPM affair in the US looks worse: over 21 million individuals' records are now acknowledged to have been compromised. Director Archuleta resigned this morning.
The consensus on the just-patched OpenSSL certificate verification bug is that it's serious, but not quite as serious as Heartbleed. Nevertheless, patch.
Hacking Team's data are still out there. Netragard, whose name appears amid those data, says it's pleased to be mentioned in dispatches, since the data make it look pretty good.
Those interested in the difference between bug hunting for fixes and bug hunting for exploitation may contrast accounts in (unrelated) stories by OpenDNS (the former) and Ars Technica (the latter).
VMware patches three products against a privilege-escalation vulnerability.
Singer and Cole make flesh creep with visions of what a World War III would look like (no spoiler: lots of cyber action).
The FBI still hasn't convinced encryption advocates that backdoors are either desirable or realistic (even after announcing it stopped terror attacks planned around Independence Day).
Today's issue includes events affecting Estonia, Iraq, Israel, Italy, Japan, Palestine, Syria, United Arab Emirates, United Kingdom, United States.
Cyber Attacks, Threats, and Vulnerabilities
How Jihadist Networks Maintain a Persistent Online Presence (Perspectives on Terrorism) Jihadist groups have used the opportunity created by the proliferation of social media platforms to create a persistent as well as ideologically cohesive presence for jihadist propaganda online which is intended to attract fighters and fundraisers to the cause. This article uses a range of big data techniques including network analysis, combined with examples of Jihadist communication strategy to identify the elements which have allowed groups to maintain a permanent presence for their content online, despite the efforts of western Governments working with social media platform providers
Akamai says it doesn't see any 'anomalies' after major Internet outages (Boston Business Journal) A spokesperson for Akamai Technologies, a Cambridge-based Internet content delivery firm, on Wednesday said the company hasn't seen any unusual activity in the midst of a mysterious series of website outages that have impacted organizations including the New York Stock Exchange
United, NYSE and WSJ Glitches Were Not a Cyber Attack (Security Debrief) There's an old axiom in science and statistics: correlation does not imply causation. It's a caution against deducing too much from a seeming connection. Sometimes what walks and talks like a duck isn't actually a duck
OPM hack hit potentially millions of troops, vets (Military Times) Social Security numbers, family information, health records and even fingerprints of 21.5 million federal employees — including potentially millions of military personnel — were included in a massive data theft last month from the Office of Personnel Management, officials acknowledged Thursday
Are Secure Communications Really Secure? Government Sites Affected by Weak DHE (TrendLabs Security Intelligence Blog) How secure is online public communication? Last May, a paper was published that discusses the Diffie-Hellman (DH) crypto-strength deployment, which gives strong evidence that the current DH usage is weak and suggests that 1024-bit size parameters can be broken with a nation state's computing power resources
Down the Darknet Rabbit Hole Again (Dark Matters) I've been back down the rabbit hole, into the Darknet again and it's been a hell of a hostile and discordant excursion this time. For those of us who are merely researching the cybercriminal ecosystem, it can become an extremely precarious place to visit sometimes
DDoS ransom notes: why paying up will get you nowhere (DDoSInfo) DDoS attacks are getting more frequent and more harmful, but the key is not to be blackmailed. If a large man stopped you on a street corner and told you that if you hand him five dollars, he won't punch you in the face, what would you do?
Detroit Zoo, eight others across the county experience POS breach (SC Magazine) The Detroit Zoo along with eight other zoos across the country announced that Service Systems Associates (SSA), a third party vendor that handles retail and concession payments, experienced a point-of-sale (POS) breach that affected customers between March 23 and June 25 of this year
Credit Card Breach at a Zoo Near You (KrebsOnSecurity) Service Systems Associates, a company that serves gift shops and eateries at zoos and cultural centers across the United States, has acknowledged a breach of its credit and debit card processing systems
Security Patches, Mitigations, and Software Updates
Alternative chains certificate forgery (CVE-2015-1793) (OpenSSL Security Advisory) During certificate verification, OpenSSL (starting from version 1.0.1n and 1.0.2b) will attempt to find an alternative certificate chain if the first attempt to build such a chain fails. An error in the implementation of this logic can mean that an attacker could cause certain checks on untrusted certificates to be bypassed, such as the CA flag, enabling them to use a valid leaf certificate to act as a CA and "issue" an invalid certificate
9 emerging trends to watch in access control (Security InfoWatch) As new and evolving access control technologies continue to deliver improvements in performance, efficiency and cost-effectiveness, the potential applications for these systems are expanding far beyond their traditional deployments. In particular, networked and software-based solutions have had significant impacts on the growing role of access control systems in security, as well as other areas
Risk management programs lack maturity, new strategies needed (Help Net Security) With cyber attacks and data security threats looming at insecure access points, the increased scrutiny of regulators and the focused attention of boards of directors, the outsourcing of critical services to third parties requires a robust vendor risk management program and stringent oversight — now more than ever. Yet the results of a new study suggest that many companies may be underperforming in these areas
The Insurance Industry's Unique Vantage Point On Cyber Security (Forbes) Scott Kannry is the Chief Executive Officer of Axio Global. Scott's entire career has been in the commercial insurance industry with a focus on cyber and previously spent 10 years in the Financial Services Group at Aon. He works with clients in all industries but specializes in those with evolving cyber risks, such as energy, utility, transportation and manufacturing
Managing Manufacturing Risk: Cyber Enters the Picture (Property Casualty 360) As cyber threats top the list of concerns for manufacturers, a continued uptick in business activity presents growth opportunities for brokers. But when crafting coverage, they must be vigilant to guard against both traditional risks and new exposures
Splunk Makes Smart Acquisition — Maintain Outperform (FBR Capital Markets) Last night, Splunk announced it had acquired Caspida, Inc., a leader in behavior analytics and machine learning, for $190 million. Caspida provides advanced threat detection and covers unknown threats that have already penetrated the enterprise. When coupled with Splunk's existing security solutions, the company should have the ability to detect advanced, hidden, and insider threats, improve threat detection with targeted incident response, and increase security operations center (SOC) efficiency. Caspida was launched in 2014 and is based in Palo Alto, California. Strategically, we believe this is a smart acquisition as it combines Splunk's existing response technologies with Caspida's advanced threat detection capabilities and broadens Splunk's product footprint and customer reach, key ingredients in the company's recipe for success on the security front, in our view
Fortinet Closes Acquisition of Meru Networks (MarketWatch) Fortinet (FTNT), the global leader in high-performance cyber security solutions, today announced it has closed the acquisition of Meru Networks (MERU), a leader in intelligent Wi-Fi networking
Google fine tunes spam catching tools (IDG via CSO) Google has reduced spam reaching inboxes to a fraction of a percent, but in the process sometimes misclassifies bulk-mailed messages like monthly statements and ticket receipts
Startup Tanium Adds Security Smarts to System Management Platform (The VAR Guy) Systems management startup Tanium has expanded into the security space with a new platform component that can help enterprises detect cyberattacks across numerous endpoints, replacing what's typically a time-consuming process with fast and accurate results, the company said
Can Eyeprint 'selfies' replace hardware tokens? (SC Magazine) Eyeprints — of veins in the white, not the iris of an eye — captured via selfie are another biometric option for 2-factor security, but concerns about the implications of compromise remain
How IKEA Does PCI-DSS (eSecurity Planet) Attaining PCI-DSS compliance is no easy task, but IKEA's common sense approach makes it a bit less taxing
Why is ERP security so difficult? (Help Net Security) ERP (Enterprise Resource Planning) security has been all over the news lately. From high profile breaches, like the recent U.S. Office of Personnel Management breach, to researchers presenting vulnerabilities in ERP systems at recent security conferences, the visibility of ERP in the security community has never been higher
How to prepare for and respond to a cyber attack (Network World) Cybercriminals are constantly looking for new ways to bypass security measures. In a survey conducted by the SANS Institute on the behalf of Guidance Software, 56% of respondents assumed they have been breached or will be soon, compared with 47% last year
5 security tips to defeat cybervillains at Comic-Con 2015 (We Live Security) We are just days away from the start of Comic-Con in San Diego, and if you are heading on an away mission into the crowd of fellow fans, you may be wondering how to keep your data and devices safe. Being in the midst of such a large group of people provides a lot of tempting targets for cybercriminals who aim to misbehave, and the opportunity for both direct attacks, like physical theft, and more subtle attacks like malware infection
Design and Innovation
Carmakers to tech partners: Keep your hands off our data (Reuters) Carmakers are limiting the data they share with technology partners Apple Inc and Google Inc through new systems that link smartphones to vehicle infotainment systems, defending access to information about what drivers do in their cars
Single photons for quantum cryptography (Keio Research Highlights) Carbon nanotubes that emit single photons at telecommunication wavelengths and room temperature could be useful for quantum cryptography
Classifying Data Objects (United States Patent Application 20150178383) (Free Patents Online) Methods, systems, and apparatus, including computer programs encoded on computer storage media, for classifying data objects. One of the methods includes obtaining data that associates each term in a vocabulary of terms with a respective high-dimensional representation of the term; obtaining classification data for a data object, wherein the classification data includes a respective score for each of a plurality of categories, and wherein each of the categories is associated with a respective category label; computing an aggregate high-dimensional representation for the data object from high-dimensional representations for the category labels associated with the categories and the respective scores; identifying a first term in the vocabulary of terms having a high-dimensional representation that is closest to the aggregate high-dimensional representation; and selecting the first term as a category label for the data object
Sawab means the right path, ISIL the wrong one (National) For a year now, the terrorist group ISIL, or Daesh as it is known throughout the Middle East, has seized attention through its rapid growth and expansion. To fuel this growth, ISIL has maliciously twisted and corrupted the peaceful teachings of Islam, using sensationalist brutality to appeal to the most vulnerable members of our societies
Katherine Archuleta, Director of Office of Personnel Management, Resigns (New York Times) Katherine Archuleta, the director of the Office of Personnel Management, will resign effective Friday, according to a White House official, one day after it was revealed that sweeping cyberintrusions at the agency resulted in the theft of the personal information of more than 22 million people
Prepare for Breaches (The Hill) The data breach at the Office of Personnel Management that saw millions of sensitive personnel records stolen is a teaching moment for information assurance, but policymakers are cutting class
DHS Secretary: 'Federal cybersecurity is not where it needs to be' (Nextgov) Department of Homeland Security Secretary Jeh Johnson on Wednesday reaffirmed his goal to make the latest version of a cybersecurity intrusion detection and prevention platform — known as EINSTEIN 3A — available to all federal civilian agencies by the end of 2015
WPI professor co-authors cybersecurity report (Worcester Telegram) Somewhere in cyberspace, ISIS operatives are busy planning something and the Federal Bureau of Investigation's concern is that thanks to today's stronger encryption technology, it's increasingly difficult to figure out what that something is
U.S. Government Wades into Vulnerability Disclosure (Threatpost) Security researchers and software vendors have spent decades trying to work out the process of vulnerability disclosure, with limited success. Now the federal government is joining the fray in hopes of getting the two sides to play nice
FBI says it thwarted Islamic State-inspired July 4 attacks (Reuters via MSN) U.S. authorities foiled attacks planned around the Fourth of July, arresting more than 10 people in the month before the holiday who were inspired by Islamic State online recruitment, FBI Director James Comey said on Thursday
Two US telecom companies to pay $3.5 million for data breach (IDG via CSO) Two sister mobile and telecom service providers will pay a combined US$3.5 million after the U.S. Federal Communications Commission found that they were storing customers' personal data on unprotected servers accessible over the Internet
Federal cyberstalking case sent to Delaware jury (AP via KLTV) Jurors began deliberating Wednesday in the federal conspiracy and cyberstalking case against the widow and children of a man who killed his ex-daughter-in-law at a Delaware courthouse in 2013
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Newly Noted Events
California Cybersecurity Task Force Quarterly Meeting (Walnut Creek, California, USA, January 20, 2015) The California Cyber Security Task Force serves as an advisory body to California's senior government administration in matters pertaining to Cyber Security. Quarterly Cybersecurity Task Force meetings...
Inside Data Science 2015 (Monterey, California, USA, November 3 - 4, 2015) At the Inside Data Science 2015 Conference (IDS2015) our focus is not on the storage or volume of data, but rather the importance of what you do with it. To synchronize the processing, exploitation and...
National Insider Threat Special Interest Group Meeting (Laurel, Maryland, USA, July 16, 2015) Topics to be discussed at the meeting: Insider Threat Program Development & Implementation, Behavioral Indicators Of Concern, Legal Considerations When Developing & Managing An Insider Threat Program.
TakeDownCon Rocket City (Huntsville, Alabama, USA, July 20 - 21, 2015) TakeDownCon is a highly technical forum that focuses on the latest vulnerabilities, the most potent exploits, and the current security threats. The best and the brightest in the field come to share their...
CyberMontgomery 2015 (Rockville, Maryland, USA, July 30, 2015) Montgomery County, Maryland, is home to the National Institute of Standards and Technology (NIST), the National Cybersecurity Center of Excellence (NCCoE), the FDA, NIH, NOAA, NRC and more than a dozen...