Daily briefing.

Anon Ghost, apparently firmly in ISIS's camp, hacks Malaysian police Facebook and Twitter accounts.

As the US Federal CIO warns that the Government's security "sprint" may well uncover more problems, the scope of the OPM breach continues to sink in. (It will sink in farther as general realization grows of how many people who never applied for clearances nevertheless had their personally identifiable information compromised on someone else's SF-86.) Consensus among observers is that the breach was the culmination of a long-standing Chinese espionage campaign whose long march into OPM began in several little-attended third-party sites.

Congress will soon hold more hearings on the breach, which has lent impetus to pending cyber security legislation (much of which paradoxically focuses on information sharing). Text of three pending bills is linked below. Director Archuleta's exit in the wake of OPM's breach prompts widespread industry reflection on executives' vulnerability to cyber fails.

The Hacking Team breach has turned up more Flash and Java exploits, some of the former now being exploited, FireEye reports, by Chinese criminal gangs. Adobe is working to patch Flash, but Mozilla (which has now blocked Flash by default in its Firefox browser) and Facebook seem to think Flash ultimately unfixable.

Telegram, a "security-enhanced chat app," is in the midst of a days-long denial-of-service attack on its Asia-Pacific service. No attribution yet, but Quartz thinks it significant that the DDoS campaign coincides with a Chinese crackdown on human rights attorneys.

A minor mystery: Rhino Security has withdrawn ProxyHam, for unclear reasons.

Notes.

Today's issue includes events affecting Australia, Brunei, Canada, China, Ethiopia, Germany, India, Malaysia, Morocco, Nigeria, Pakistan, Qatar, Romania, Sudan, Turkey, Turkmenistan, United Arab Emirates, United Kingdom, United States.

Cyber Attacks, Threats, and Vulnerabilities

Malaysian Police Facebook, Twitter Accounts Hacked by Pro-ISIS Hackers (HackRead) The Malaysian Police Facebook and Twitter added to the list of targeted government social media accounts — Monday afternoon saw the pages of these accounts modified and pro-ISIS group Anon Ghost took liability

Hacked in the U.S.A.: China's Not-So-Hidden Infiltration Op (BloombergBusiness) The vast cyber-attack in Washington began with, of all things, travel reservations

Federal CIO: Cyber review may uncover more intrusions (The Hill) The government official leading a review of federal network security acknowledged that investigators might discover more digital intrusions on the government's outdated systems

Expect more hacker attacks on government: Obama's tech chief (New York Post) Expect more news of hack attacks on US government computers, the feds' chief information officer said in an interview published Saturday

Recapped: A quick round up of developments since Hacking Team was hacked (CSO) One week later, here's a recap of the latest developments to come out of the Hacking Team incident

Hacking Team Uses UEFI BIOS Rootkit to Keep RCS 9 Agent in Target Systems (TrendLabs Security Intelligence Blog) The dissection of the data from the Hacking Team leak has yielded another critical discovery: Hacking Team uses a UEFI BIOS rootkit to keep their Remote Control System (RCS) agent installed in their targets' systems. This means that even if the user formats the hard disk, reinstalls the OS, and even buys a new hard disk, the agents are implanted after Microsoft Windows is up and running

Hacking Team broke Bitcoin secrecy by targeting crucial wallet file (Ars Technica) Leaked e-mails brag HT could see "who got that money (DEA: anyone interested? :P )"

Zero-Day Exploit Alert: Flash, Java (BankInfoSecurity) More Hacking Team Flash exploits, plus Java APT attack

Chinese hackers used tools leaked after attack on Italian cybersecurity firm Hacking Team (South China Morning Post) Two major hacking groups linked to China are believed to have used exploits revealed in the wake of a recent attack on Italian cybersecurity firm Hacking Team

Are You Vulnerable to New Java Zero-Day Exploit? (Lumension Blog) Are the computers in your organisation still running Java?

Facebook CSO suggests Flash moratorium to end its crash bang wallops (Inquirer) Aha! Saviour of the universe?

A cyber attack struck messaging app Telegram just as China was cracking down on human rights lawyers (Quartz) This past weekend Telegram, a security-enhanced chat app, was crippled in Asia by a cyber attack — though by whom so far remains a mystery

DDoS Attack Against Telegram's Asian Pacific Server Enters Fourth Day (Tripwire: the State of Security) A DDoS attack continues to affect the Asian Pacific servers of messenger app Telegram as of Monday morning

Researchers Found Critical Vulnerability in LG's Update Center Application (HackRead) The LG Update Center Application faces yet another threat of cyber attack as was discovered by SEARCH-LAB Ltd in November 2014

Suspected cyber attack forces termination of crucial Qantas pilot vote (Sydney Morning Herald) A suspected cyber attack has forced the termination of a crucial vote on a new wage deal by Qantas' long-haul pilots, which the airline wants passed before it will commit to buying a fleet of new planes

Revisiting The Bunitu Trojan (Malwarebytes Unpacked) This post describes the infection process of the latest version of the Bunitu Proxy Trojan as seen delivered by the Neutrino Exploit Kit via a malvertising campaign

Land Rover recalls 65,000 cars because of software bug that could lead to theft (Graham Cluley) BBC News is reporting that more than 65,000 Range Rover and Range Rover Sport cars are being recalled because of a software bug in their central locking system that can allow thieves to steal vehicles

True confessions: I wrote for an Internet content mill (Ars Technica) One former backlink spam writer returns to share how the sausage is made

Security Patches, Mitigations, and Software Updates

Adobe patches weaponised Hacking Team zero-day vulnerability (ComputerWeekly) Adobe is patching a zero-day vulnerability researchers say was weaponised immediately after data was breached from software firm Hacking Team

Adobe promises patch for latest wave of critical Hacking Team zero-day exploits (ZDNet) Adobe devs must be working overtime to fix the latest vulnerabilities revealed through the Hacking Team cyberattack

After Facebook called for its death, now Firefox is blocking Flash by default (Neowin) After a number of issues and exploits have been discovered recently, Mozilla has taken a big step and is now blocking Flash in all of its Firefox browsers

Kaseya Patches Two Bugs in VSA IT Management Platform (Threatpost) A researcher has uncovered a pair of vulnerabilities in the Kaseya VSA IT management platform, including an open redirect that could be used to force users to visit an attacker-controlled site

Cyber Trends

Opinion: Timing is everything for securing wireless communications (Christian Science Monitor Passcode) Even though disrupting wireless communications — whether cellphone networks or GPS — could harm the US economy and put lives at risk, these networks remain far too vulnerable to attacks

Android users not securing devices, survey shows (ComputerWeekly) Nearly half of Android users polled are not using a security app on their smartphone, with same proportion saying they did not know they needed a security app

Is Cognitive Biometrics a Retailer's Best Friend? (PYMNTS) The problem with security of all kinds is best typified by an experience anyone reading this can relate to — going through the security lines at the airport. After September 11, there are exactly zero adults in the United States who do not understand the extraordinary importance of properly screening people before we let them board a pressurized, jet-fuel packed, aluminum tube that blasts through the air at ~500 miles per hour — since the consequences of insufficiently doing so are quite catastrophic

Marketplace

Cybersecurity Gains Higher Profile Among Chief Financial Officers (Dark Reading) Deloitte study shows CFOs view security risks as a top threat to financial health

14 Security Fails That Cost Executives Their Jobs (Dark Reading) Katherine Archuleta, the director of the Office of Personnel Management, is the latest casualty of a data breach, but she's certainly not the only one. There's no job security when your job is security

Airbus plots exit from government comms biz (Register) Defence mobile, spookery, cyber-sec on the auction block

CrowdStrike, Cybersecurity Services Provider, Raises $100 Million (New York Times) In the wake of computer attacks on the government and other prominent targets, investor interest in cybersecurity is unsurprisingly high

Exclusive: cybersecurity startup RedOwl raises $17 million series b (Fortune) This Baltimore cybersecurity startup routs insider threats

TrapX Security raises $9 million in Series B funding (Tech Bulletin) TrapX Security Inc, a deception-based cyber security firm, has raised $9 million in a Series B round of funding led by investors Intel Capital and Liberty Venture Capital along with existing investors BRM Group and Opus Capital

Symantec bets on simplicity, cloud and mobile (ComputerWeekly) Symantec is not trying to be all things to all people, but is instead focusing on threats and protecting information in the mobile and cloud environments

Hacking Team Promises to Rebuild Controversial Surveillance Software (Threatpost) The aftermath of the Hacking Team attack raised legitimate questions about the controversial Italian surveillance software vendor's long-term viability. With reams of sensitive internal data and intellectual property posted online, how could the company survive?

Has FireEye Run Out Of Steam? (Seeking Alpha) With the growth of cloud computing, cyber attacks are expected to increase rapidly. FireEye offers innovative solutions to cyber attacks and is spending heavily on new innovations. I've discussed below the reason why investors shouldn't be worried about the company's inability to report a profit. The company's focus on increasing market share will lead to long-term profits. The risk-reward ratio is in FireEye's favor and I think the stock is still a buy

JPMorgan: Palo Alto can more than triple market share by 2024 (Seeking Alpha) Palo Alto Networks (NYSE:PANW) can grow its market share from a current 7% to 24% by 2024 "as companies large and small continue to migrate their network security over to next-generation firewalls — a trend we estimate is only half done," writes JPMorgan's Sterling Auty, launching coverage with an Overweight rating and $216 target

Accenture Subsidiary to Support VA Info Security Program for $300M (GovConWire) A subsidiary of Accenture's (NYSE: ACN) federal services business will provide support to the Department of Veterans Affairs' Continuous Readiness in Information Security Program under a one-year, $300 million contract

Healthcare needs more IT security pros — stat (CIO) Technology is bringing amazing changes to the healthcare industry, but it's also bringing the need for more IT security professionals. What's causing this lack of talent and if you're a security pro, how can you land a job in this growing field?

High-profile breaches spark explosive demand for security awareness training (IT Pro Portal) KnowBe4, provider of the world's most popular integrated platform for security awareness training and simulated phishing testing, has seen explosive growth for eight consecutive quarters

United Airlines pays hacker one million air miles in bug bounty reward (Naked Security) It didn't take Jordan Wiens very long to find a vulnerability in United Airlines' network, but the payoff was one million free air miles for about six hours of work

ThetaRay Launches U.S. Office (PRNewswire) Kris Robinson joins to build threat detection lead and market share

Cyber security firm in Clearwater hiring for 30 jobs (83DegreesMedia) A cyber security firm in Clearwater is expanding, recently relocating to a new office space to house the employees they plan to hire this year. ThreatTrack, which provides cyber threat prevention solutions to organizations to avoid and respond to cyber attacks, is experiencing growth due to the need for online security solutions

SC Magazine Names Norse's Mary Landesman a "Woman to Watch" in IT Security (Yahoo! Finance) Landesman recognized for her long-time leadership in threat data analytics

Products, Services, and Solutions

A $200 privacy device has been killed, and no one knows why (Ars Technica) ProxyHam creator offers no explanation for his abrupt decision to abandon it

Bromium and Microsoft fortify Windows 10 against threat of cyber attack (Business Weekly) A Cambridge-California technology collaboration between Bromium and Microsoft has been launched to advance security on Windows 10

Balabit bets big on Blindspotter (ComputerWeekly) At first glance behavioural analytics may seem a strange direction for security company Balabit — but it makes sense on closer inspection

Automatic PC repair uses IBM's tech to keep computers clean (Times of Israel) Fixico, with roots in the enterprise world, promises to relieve everyday users of checking disk health and running updates

SMEs should not just rely on employees to encrypt emails (Zertificon) According to a 2012 study by the German interior ministry, email is the most popular communication technology and is used by 98% of SMEs

Splunk Provides Adaptive, Operational Intelligence (Forbes) A Security Operations Center (SOC) typically monitors the internal network data while Security Incident and Event Management (SIEM) provides a dashboard view with a bit more control of the alerts generated by the applications and systems hardware. Often these are both reactive activities, notifying system admins only when something has already gone wrong. But what if you could anticipate a problem, and based on the data, create new and better rulesets on the fly? In that way Splunk, a big data company that seeks to provide security intelligence, is like a SIEM on steroids

Bitdefender Box — The Perfect Security Solution for Your Home Network (Social Barrel) We've all seen futuristic movies that feature cool gadgets, interconnected appliances and give you a sneak peek into what the future technology might be capable of. The possibilities are endless, and the benefits go beyond perception. If only all of that was possible!

Thycotic Secret Server 8.8 Honored as Silver Winner in the 10th Annual 2015 Hot Companies and Best Products Awards in Security Software (PRNewswire) Winners and finalists from around the globe were honored by Network Products Guide on June 29, 2015 in San Francisco

ERPScan Security Monitoring Suite is a Gold winner in the 10th Annual 2015 Hot Companies and Best Products Award in IT Products and Services for Telecommunications (ERPScan) Network Products Guide, industry's leading technology research and advisory guide, has named ERPScan Security Monitoring Suite a Gold winner of the 10th Annual 2015 Hot Companies and Best Products Awards in the IT Products and Services for Telecommunications category

Searching the Enterprise for Known Indicators of Breach (Tripwire: the State of Security) Given the recent high-profile breaches, a key challenge facing government agencies and other security-minded organizations is rooting out malware that has already become embedded on key assets

Technologies, Techniques, and Standards

Why CTO's should enforce adblocking on their networks (ITsecurity) Recent research from Simon Fraser University in British Columbia has illustrated that blocking advertising on their enterprise network cut bandwidth usage by 25-40%. They used AdblockPlus, the most popular browser plugin in the world, for a period of six weeks and actively recorded how it impacted network traffic and bandwidth consumption

Mobile SSL failures: More common than they should be (Help Net Security) Securing your mobile application traffic is apparently more difficult than it should be, as researchers Anthony Trummer and Tushar Dalvi discovered when looking into SSL/TLS usage on the Android operating system and applications, as well as on iOS and Windows 8 mobile

SSL/TLS certificates beginner's tutorial (talPor Solutions) This is a beginner's tutorial on SSL certificates (which by now should be called TLS certificates, but old habits die hard). I'll cover both how they function, and how to create an SSL/TLS certificate using OpenSSL, either self-signed or signed by a CA

Inside A Vicious DDoS Attack (Dark Reading) What it's really like to fend off a relentless distributed denial-of-service attack

Breaches Are More Than Malware (SecurityWeek) Security teams must always keep the entire attack lifecycle in perspective

6 ways the banking industry could improve on cybersecurity (MarketWatch) The threat of a hack is among banks' biggest fears

Design and Innovation

Why webcam indicator lights are lousy privacy safeguards (Christian Science Monitor Passcode) A recent academic study found that few computer users notice indicator lights and even fewer realize that the camera is always recording when the light is on. The lack of awareness, say researchers, makes people more vulnerable to webcam spying

Research and Development

David Wajsgras: Raytheon Aims to Help DARPA Automate Cybersecurity (ExecutiveBiz) Raytheon's team is one of seven teams that will compete in the final round of a $2 million U.S. Defense Advanced Research Projects Agency-hosted program to build an automated system against cybersecurity threats

Academia

Partnership to Address Staffing Crisis (InfoRiskToday) Government leads initiative to develop 12,050 security pros

Facebook teams up with SJSU to get more women in cybersecurity (San Jose Mercury News) Fifth-grader Natalie Valencia thought that cybersecurity was a career path boys followed, not girls, but a weeklong summer camp at Facebook changed her mind

Camp Teaches Teens To Solve Cyber Crimes (WBUR) Teenagers around the country have the opportunity this summer to learn to solve crimes in cyber space. The "gen-cyber" camps are run by the National Security Agency, which is hoping to train the next generation of cybersecurity experts

Cybrary Partners with Cornerstone Program to Provide Refugee Women with Computer Literacy Training (PRWeb) July program aims to make tech a means to self-sufficiency

Legislation, Policy, and Regulation

Experts protest Aussie law banning crypto export (IT News) Defence Trade Controls Act threatens to "criminalise" cryptology

'Save the teachers!' 184 cryptologists send Oz Govt cleartext petition (Register) 'Clear exemptions' sought for researchers caught in crypto export net

WhatsApp, Facebook Messenger could be banned by UK's newly proposed bill (Naked Security) Popular messaging apps like WhatsApp, Facebook Messenger and Snapchat could soon be a thing of the past in the UK if the government gets its way

Thoughts on Encryption and Going Dark, Part II: The Debate on the Merits (Lawfare) On Thursday, I described the surprisingly warm reception FBI Director James Comey got in the Senate this week with his warning that the FBI was "going dark" because of end-to-end encryption. In this post, I want to take on the merits of the renewed encryption debate, which seem to me complicated and multi-faceted and not all pushing in the same direction

Build a cyber plan now (Federal Times) Unfortunately for Office of Personnel Management Director Katherine Archuleta, she was at the switch when one of the biggest hacks to hit the federal government occurred late last year and early this year. It surprised no one when she resigned July 10

Federal Cybersecurity Needs Improvement (Politico) Cybersecurity is a top priority for me, for President Barack Obama and for this administration. It is my personal mission to significantly enhance the Department of Homeland Security's role in the cybersecurity of this nation

Threat Intelligence Sharing Legislation Gains Momentum (Dark Matters) Three pieces of proposed legislation to create platforms for information sharing between the private sector and the federal government are currently making the rounds on Capitol Hill — two in the House and one in the Senate — but it is still unclear what form a final bill will take

H. R. 1560 (114th Congress) An act to improve cybersecurity in the United States through enhanced sharing of information about cybersecurity threats, to amend the Homeland Security Act of 2002 to enhance multi-directional sharing of information related to cybersecurity risks and strengthen privacy and civil liberties protections, and for other purposes

H. R. 1731 [Report No. 114–83] (114th Congress) To amend the Homeland Security Act of 2002 to enhance multi-directional sharing of information related to cybersecurity risks and strengthen privacy and civil liberties protections, and for other purposes

S. 754 (114th Congress) To improve cybersecurity in the United States through enhanced sharing of information about cybersecurity threats, and for other purposes

Litigation, Investigation, and Law Enforcement

OPM data breach to be subject of hearings (Military Times) Members of the House Armed Services Committee will look into the military and national security impact of the recent data breach at the Office of Personnel Management, calling the reports so far "staggering and unacceptable"

Why was Oscar-winning Snowden documentarian detained 50+ times in US airports? (Ars Technica) Laura Poitras has filed suit to find out why she was stopped and searched

It's a New Age in Data Privacy and Cybersecurity Protection (LegalTech News) General counsel and data privacy officers from TiVo, Intel and eHarmony talk Big Data, following cybersecurity laws, and more at Legaltech West keynote

Former DC Mayor Fenty Reveals DC PD Were Clients of Secretive Software Firm (DCInno) He mentioned the connection during an a16z podcast episode featuring Mayor Bowser

Ethiopia spying case casts spotlight on cyber surveillance in US (Al Jazeera) Lawsuit alleges that Addis Ababa used private technology to monitor Internet communications of dissident-linked American

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

SINET 16 Application Deadline (San Francisco, California, USA, July 17, 2015) Innovative solutions frequently come from new and small companies. Our goal is to provide entrepreneurs from all over the world an opportunity to increase their product awareness to a select audience of...

Upcoming Events

Securing Your Digital Assets (New York, New York, USA, July 14, 2015) Privacy and data security are a growing concern across all industries, and any breach of corporate or personal digital assets threatens financial and reputational harm. With all of the news and educational...

National Insider Threat Special Interest Group Meeting (Laurel, Maryland, USA, July 16, 2015) Topics to be discussed at the meeting: Insider Threat Program Development & Implementation, Behavioral Indicators Of Concern, Legal Considerations When Developing & Managing An Insider Threat Program.

National Cybersecurity Center of Excellence (NCCoE) Speaker Series: Janet Levesque, Chief Information Security Officer at RSA (Rockville, Maryland, USA, July 16, 2015) Traditional security models are failing. While the idea of a shift from prevention to detection has gained traction, most current approaches to detection rely heavily on the same techniques that have rendered...

TakeDownCon Rocket City (Huntsville, Alabama, USA, July 20 - 21, 2015) TakeDownCon is a highly technical forum that focuses on the latest vulnerabilities, the most potent exploits, and the current security threats. The best and the brightest in the field come to share their...

The APTs are coming (New York, New York, USA, July 21, 2015) With cyberespionage and Advanced Persistent Threats (APTs) on the rise, it's important to understand today's threat landscape and the ways you can keep your company safe. Join LIFARS, Kaspersky Lab, Cyphort,...

California Cybersecurity Task Force Quarterly Meeting (Walnut Creek, California, USA, January 20, 2015) The California Cyber Security Task Force serves as an advisory body to California's senior government administration in matters pertaining to Cyber Security. Quarterly Cybersecurity Task Force meetings...

CyberMontgomery 2015 (Rockville, Maryland, USA, July 30, 2015) Montgomery County, Maryland, is home to the National Institute of Standards and Technology (NIST), the National Cybersecurity Center of Excellence (NCCoE), the FDA, NIH, NOAA, NRC and more than a dozen...

Career Discovery in Cyber Security: A Women's Symposium (New York, New York, USA, July 30, 2015) Our annual conference brings together some of the best minds in the industry, with the goal of guiding women with a talent and interest in cyber security into top-flight careers
