Ransomware and distributed denial-of-service (DDoS) campaigns continue to dominate the news at week's end. The Magnitude exploit kit has been spotted delivering CryptoWall in a malvertising campaign. And, in the black market, ransomware purveyors offer their services (under the CryptoLocker brand) in exchange for ten percent of any ransom paid.
High-end Australian email provider FastMail sustains a DDoS attack similar to the ones that recently crippled Runbox, Zoho, Hushmail and ProtonMail. FastMail takes pains to say that it has no intention of paying ransom to get out from under the attack. Security blogger Graham Cluley sustains his own DDoS incident, noting that it occurred even as he was speaking about the Armada Collective and other DDoS hoods. He says the attackers used UPnP reflection, DNS reflection, and TCP SYN flooding, but have issued no ransom demands. As of this writing his site appears still under attack.
Point-of-sale malware remains a problem even as we reach the second anniversary of the Target breach that brought the issue to prominence. Trustwave describes "Cherry Picker," which has been infesting targets since 2011 (and cleaning up after itself). Proofpoint discovers a newer strain, "Abbadon," which researchers noticed downloading in the course of a Vawtrak banking Trojan infection.
Several interesting proofs-of-concept are out, including the use of barcodes as a malware vector.
Microsoft fixes the patch that caused Outlook problems.
Investors take a new look at the cyber sector, informed by Tenable funding and Cisco results. Microsoft's German cloud servers will be secured by G-Data.
Today's issue includes events affecting Australia, Canada, China, European Union, Germany, Iran, Democratic People's Republic of Korea, Russia, Ukraine, United Kingdom, United States.
Researchers Discover Two New Strains of POS Malware (Threatpost) Point of sale malware has gotten more sophisticated as we inch closer to the two-year anniversary of the Target data breach. Now, two weeks from the biggest shopping day of the year, two new and different strains of point of sale malware have come to light, including one that's gone largely undetected for the past five years
Apps Permissions in the Google Play Store (Pew Research Center) Analysis of over 1 million apps in Google's Android operating system in 2014 shows apps can seek 235 different kinds of permissions from smartphone users. The average app asks for five permissions
Spam and phishing in Q3 2015 (Securelist) Spam: features of the quarter. Online dating. The dating theme is typical for spam emails, but in the third quarter of 2015 we couldn't help but notice the sheer variety appearing in these types of mailings
One Bad Barcode Spoils Whole Bunch (Threatpost) Barcodes' pervasiveness in retail, health care and other service industries notwithstanding, hackers really haven't paid much attention to these tiny lines of data
Efficient multivariate statistical techniques for extracting secrets from electronic devices (Computer Lab, University of Cambridge) In 2002, Suresh Chari, Rao Josyula and Pankaj Rohatgi presented a very powerful method, known as the 'Template Attack', to infer secret values processed by a microcontroller, by analysing its power-supply current, generally known as its 'side-channel leakage'… In this thesis, I describe efficient implementations of this template attack, that can push its limits further, by using efficient multivariate statistical analysis techniques
Security Patches, Mitigations, and Software Updates
Security Audit: Scrapyd (SPECT Research) In this post I'll write about the vulnerabilities discovered in scrapyd, the scrapy daemon. It's a full review of security issues and measures to take in order to run scrapyd safely
Cybercriminals turn to automation to profit from Web app attacks (FierceITSecurity) Cybercriminals are increasingly using automation to ramp up the magnitude and velocity of attacks intended to compromise Web applications and steal sensitive data, according to security firm Imperva's annual Web Application Attack Report released on Thursday
Videology and White Ops Report Shows That Blocking Bots on Video Ads Can Increase Brand Engagement by 22% (Sys-Con Media) Videology, a leading software provider for converged TV and video advertising, and White Ops, the leader in online fraud detection for digital advertising, today released the findings from a new whitepaper entitled "Eradicating Bot Fraud: The Path to Zero-Tolerance." This joint report is designed to help advertisers better understand the issue of ad fraud in video advertising and the viable options available to fight back against this $7 billion problem
Australia vulnerable to a cyber-attack disaster (Sydney Morning Herald) Australian government agencies and organisations are increasingly vulnerable to a major cyber attack yet security has not evolved in more than 20 years, according to an international cybercrime expert
CFOs Reveal Their Top Issues for 2016 (CFO) What will CFOs be spending their time on next year? Preserving margins and sustaining or improving earnings performance top the list, says Protiviti
Israel's Cymmetria, Which Deceives Hackers, Raises $9 Million (Wall Street Journal) Cymmetria Inc., an Israeli start-up whose software lures hackers into cyber traps within organizations' networks has raised around $9 million, the latest sign that investors are flocking to one of cyber-security's hottest trends: deceiving hackers and catching them red handed
Hill-Based OPSWAT Provides Cybersecurity (Potrero View) In our interconnected and device-laden world, cybersecurity has become a hot topic, especially after recent data breaches at the Sony and Target corporations
'We take your security seriously' (Engadget) Anyone who has even the slightest amount of contact with the internet is familiar with the scenario: An email or actual piece of mail arrives from a company who apparently handles some part of your connected life
Security 101 for CEOs (Tripwire: the State of Security) There are important security lessons for CEOs following the embarrassing revelation that a teenager hacked into the personal email accounts of CIA Director John Brennan and Homeland Security Secretary Jeh Johnson. This isn't the first nor will it be the last time that people hack into accounts using a variety of techniques; it illustrates the lengths to which amateurs and bad actors will go
Hacking Contests Drive Millennials to Cybersecurity (IBM Security Intelligence) It's no secret that the cybersecurity talent shortage is one of the biggest challenges facing our industry, with experts predicting 1.5 million open and unfilled global security positions over the next five years
Tor Project says FBI paid Carnegie Mellon $1m to unveil Tor users (Naked Security) In November 2014, a far-flung, multi-nation bust, dubbed Operation Onymous, snared 410+ supposedly hidden services running 27 markets, including Silk Road 2.0, stripping away the concealing layers of the Tor anonymizing service to lay identities bare
Database of 70 million prisoner phone calls breached, leaked (Help Net Security) A vast collection containing metadata of over 70 million records of phone calls placed by prisoners to at least 37 US states and links to actual recordings for each call has been leaked to reporters of The Intercept by an anonymous hacker
Black Hat Europe (Amsterdam, the Netherlands, November 10 - 13, 2015) Black Hat prides itself with being "the most technical and relevant global information security event series in the world." For the past 16 years, the Black Hat events have given their attendees the opportunity...
Pen Test Hackfest Summit & Training (Alexandria, Virginia, USA, November 16 - 23, 2015) SANS Pen Test Hackfest Training Event and Summit is coming back to Washington DC, bigger and better than ever! The Hackfest is an ideal way to learn offensive techniques so you can better defend your environment.
Cybersecurity, the SEC and Compliance (New York, New York, USA, November 18, 2015) The recent SEC CyberSecurity Examination Initiative focuses on information safeguards for financial services organizations. Are you prepared? Please join us for a panel discussion on what cybersecurity...
CyberCon 2015 (Pentagon City, Virginia, USA, November 18, 2015) CyberCon 2015 is the forum for dialogue on strategy and innovation to secure federal and defense networks, as well as private sector networks that hold their sensitive data
Internet-of-Things World Forum 2015 (London, England, UK, November 18 - 19, 2015) This conference features speakers from leading IoT companies and their customers. Learn how the Internet-of-Things is creating new markets for products, services, and solutions
2015 U.S. Cyber Crime Conference (National Harbor, Maryland, USA, November 14, 2015) The 2015 U.S. Cyber Crime Conference (Formerly the DoD Cyber Crime Conference) has brought world-class forensics and incident response training combined with outstanding community networking for over 15...
CyberPoint 2nd Annual Women in Cyber Security Reception (Baltimore, Maryland, USA, November 19, 2015) CyberPoint International announces its 2nd Annual Women in Cyber Security Reception to be held on November 19, 2015. Bringing together women from across the region and all different points on the career...
DefCamp6 (Bucharest, Romania, November 19 - 20, 2015) Why DefCamp? Because it's the most important conference on Hacking & Information Security in Central Eastern Europe, bringing hands-on talks about the latest research and practices from the INFOSEC field,...