Cyber Attacks, Threats, and Vulnerabilities
State-Sponsored Malware Flame Has Smaller, More Devious Cousin (Wired) Researchers have uncovered new nation-state espionage malware that has ties to two previous espionage tools known as Flame and Gauss, and that appears to be a high-precision, surgical attack tool targeting victims in Lebanon, Iran and elsewhere. Researchers at Kaspersky Lab, who discovered the malware, are calling the new malware miniFlame, although the attackers who designed it called it by two other names SPE and John. MiniFlame seems to be used to gain control of and obtain increased spying capability over select computers originally infected by the Flame and Gauss spyware.
Iran Denies Role In Gulf Cyberattacks (Yahoo.com) Iranian officials denied any role in recent cyberattacks against oil and gas companies in the Persian Gulf and said they welcomed a probe of the case, a semiofficial news agency reported Sunday
Iran ready to help countries boost cyber security: Behabadi (Press TV) US National Security Agency, the CIA and Israel's military worked together to create the Flame virus, the American newspaper added. In addition, the New York Times also revealed in June that US President Barack Obama secretly ordered a cyber attack
Israel Foils Daily Cyber Warfare Attacks, Says Netanyahu (Arutz Sheva) On Friday, former United States official James Lewis told AFP that Washington believed Iran was behind a major cyber attack on Saudi Arabia's state oil company and a Qatari gas firm in August. According to Lewis, who has worked for the State Department
Netanyahu: Israel under cyber attack from Iran (China.org.cn) Iranian hackers are trying daily to break into scores of Israeli computer networks, Israeli Prime Minister Benjamin Netanyahu said Sunday. "There is an increase in attempts to carry out cyber attacks, and every day there are incidents of attempts to
US thinks Iran behind cyber attack in Saudi: Ex-official (Express Tribune) The United States believes Iran was behind a major cyberattack on Saudi Arabia's state oil company and a Qatari gas firm, a former US official who has worked on cyber security issues said Friday. In a major cyber security speech on
US Suspects Iran Was Behind a Wave of Cyberattacks (New York Times) "We won't succeed in preventing a cyber attack through improved defenses alone," Mr. Panetta said. "If we detect an imminent threat of attack that will cause significant, physical destruction in the United States or kill American citizens, we need to
U.S. officials - 'Iran's behind cyber attacks' (DigitalJournal.com) According to the Cyber Command website, their mission is to coordinate, integrate, synchronize, direct, and conduct. "network operations and defense of all Army networks; when directed, conducts cyberspace operations in support of full spectrum
US warning reflects fears of Iranian cyberattack (Huffington Post) "Iran is a country for whom terror has simply been another tool in their foreign policy toolbox, and they are a country that feels it has less and less to lose by breaking the norms of the rest of the world," said Stewart Baker, former assistant
Corporate Attacks Hint Of A Coming 'Cyber Pearl Harbor' (Forbes) Back in May, the Department of Homeland Security revealed that there had been a series of attacks on the computer networks of natural gas pipeline companies. In July, according to a report in The Energy Daily, hackers broke into the system monitoring
Hackers pwn the sun - Exploit code released for software used to manage solar energy plants (Naked Security) The US Department of Homeland Security has issued an alert that hackers have released proof of concept exploit code for vulnerabilities in a common SCADA software package used to manage solar energy systems
Exploit Code Released Targeting Firefox 16 Vulnerability (Threatpost) It's been an interesting couple of days for Firefox users. First Mozilla released version 16 of the popular browser on Wednesday, then quickly pulled it back yesterday after a serious security vulnerability was found in the new version. Less than 12 hours later, Mozilla had repaired the problem and re-released the updated browser, but not before exploit code was released
@VenomSec hacks alwah.net website and leaks 300 accounts (Cyberwarzone) @VenomSec has hacked another website. This time they managed to leak the database of the website alwah.net. They released over 300 accounts in the Pastebin file that you can find here. VenomSec has been active and has targeted multiple websites. You can find more information about them here. Alwah.net is an Islamic news website
Security experts to probe Winz computer hacking (TVNZ) Security experts will examine how the Work and Income computer system was hacked, allowing the secret details of some of the most vulnerable New Zealanders to be exposed. The officials meant to safeguard them cannot yet say how many people have unlocked the information. The privacy blunder also raises doubts when the Government is setting up a database on children at risk of abuse
TD Bank misplaces tapes with data on 267,000 customers (Boston Globe) TD Bank misplaced computer backup tapes containing personal information for 267,000 customers, including 73,000 in Massachusetts, the Massachusetts attorney general's office said Friday. The bank told customers that two tapes disappeared in transit while being shipped to one of its locations in March. It has not been able to find the tapes
Security Patches, Mitigations, and Software Updates
Mozilla Adds Click-to-Play Plugin Security Feature to Firefox Beta (Threatpost) Attackers have been going after vulnerabilities in browser plugins and extensions for years now, as they know that users are slow about updating these components. Even if users have the browser set to update automatically, the third-party components are a separate issue and need to be patched on their own. With that in mind, Mozilla has added a new feature to Firefox that will, by default, block known vulnerable versions of plugins from running
Oracle Patch Update to Include 109 Patches (Threatpost) Buckle up Oracle administrators for 109 patches coming your way tomorrow. Oracle's quarterly Critical Patch Update is due, and the company is releasing fixes for security vulnerabilities across most of its enterprise products, addressing a host of remotely exploitable flaws. This comes a little more than a month after exploits of a serious zero-day vulnerability in Java were reported, as well as a critical zero-day vulnerability in Java SE
Cyber Trends
Security Monitoring An Elixir For Intrusion Costs? (Dark Reading) A recent study of the costs of cybercrime finds that security intelligence, including monitoring and threat intelligence, reduces the costs of cyberattacks the most. Companies that want to reduce the cost of detecting, responding and recovering from cyberattacks should invest in technologies designed to give businesses better visibility into the security of their networks and systems, according to a recent Ponemon Institute survey tallying the cost of cybercrime
5 key forces driving open source today (IT World) From the rise of foundations to emerging revenue models, the open source movement is primed for even greater impact on tomorrow's technologies
Cybercom Chief: Culture, Commerce Changing Through Technology (Department of Defense) Keith B. Alexander, also the director of the National Security Agency, said. Everyone is connected to the network, Alexander said, even his two-year-old grandson, who on his own has figured out how to turn on an iPad and use Skype to call his grandmother
Human generated big data (Help Net Security) Human generated content is comprised of all the files and e-mails that we create every day, all the presentations, word processing documents, spread sheets, audio files and other documents
Marketplace
Japan's Softbank offers to buy 70 percent of US operator Sprint for $20 billion (IT World) The deal will be the most a Japanese firm has spent on an overseas acquisition. Japan's Softbank said Monday it has reached a deal to acquire a 70 percent stake in U.S. mobile operator Sprint Nextel for US$20 billion, forming one of the world's largest telecom operators
NIST awards $9 million to promote online security and privacy (Homeland Security Newswire) The U.S. Department of Commerce's National Institute of Standards and Technology (NIST) last month announced more than $9 million in grant awards to support the National Strategy for Trusted Identities in Cyberspace (NSTIC). Five U.S. organizations will pilot identity solutions which increase confidence in online transactions, prevent identity theft, and provide individuals with more control over how they share their personal information. NSTIC is a White House initiative to work collaboratively with the private sector, advocacy groups, and public-sector agencies
Firms, Policymakers Struggle Amid Western Defense Cuts (Reuters.com) "Whenever we found a problem, we cauterized it with cash," Undersecretary of Defense for Industrial Policy Brett Lambert told a meeting of Reuters defense and aerospace reporters last month. "Those days are over"
Issa Polls Defense Contractors About Layoff Notices, Politics (Bloomberg News) The chairman of a House panel has asked defense contractors if they discussed with the Obama administration whether to issue layoff notices to workers days before the Nov. 6 election because of pending defense-spending cuts
Two Economists, Opposite Thoughts On Sequestration (Capital Business) Fuller, Zycher debate; With mandatory budget cuts looming, little consensus on impact
Etisalat extends SIM registration deadline for UAE mobile phone users (Emirates 24/7) Company intends to introduce money transfer service on mobile phone. Etisalat telecommunications firm has decided to extend a deadline for its mobile phone subscribers to re-register their SIM cards but said defaulters could eventually have their service disconnected
Expect To Save Millions In The Cloud? Prove It (InformationWeek) The General Services Administration, in justifying its decision two years ago to adopt Google's cloud services for email and collaboration, projected it would save $15 million over five years. Now, an internal audit has found that evidence of those anticipated savings is lacking
ReVuln Emerges as New Player in Vulnerability Sales Market (Threatpost) It's getting difficult these days to keep track of all of the companies, public and otherwise, that are buying and selling vulnerabilities or information on bugs, and now there's another group on the scene: ReVuln. But, unlike other companies in the industry, ReVuln is mostly focusing its efforts on vulnerabilities in SCADA and ICS software, the applications that run utilities, industrial systems and other sophisticated systems
RIM CIO Talks Enterprise BYOD (InformationWeek) CIO Robin Bienfait talks about RIM's enterprise-friendly features like BlackBerry Balance, security and apps, and welcoming iOS and Android devices into the mix
More Visas For Indian Tech Workers? (InformationWeek) Treasury Secretary Tim Geithner makes comments viewed in India as a sign that the U.S. may eventually increase the number of visas available to tech professionals
SPAWAR Expert Discusses Getting Ahead of the Growing Cyber Threat (DVIDS) McNally oversees the acquisition of information assurance and cybersecurity solutions for Navy tactical networks. "My goal is to move us more toward rapid detection and response," said McNally. "I want to stop cyber terrorists before they cause more
A BAE-EADS merger would have been too complex to handle (The Guardian) A large part of the reason for this is the extremely close and complex relationships weapons manufacturers, perhaps more than in any other sector, have with their governments and intelligence agencies. This is a consequence of their role in foreign
Kaspersky Lab grows presence in Africa as internet threats multiply (Independent Online) LAST year Kaspersky Lab, an international information technology (IT) security vendor recorded 50 000 new computer virus threats daily. This year new threats have increased to 125 000 daily, according to Vasily Dyagilev, the managing director of
SAP CEO Tackles Tough Cloud Questions (InformationWeek) Jim Hagemann Snabe discusses SAP's ongoing transformation and takes on Oracle's version of the truth in this video interview from the InformationWeek 500 conference
Cisco Piles Pressure On Huawei (InformationWeek) Cisco exec's blog highlights discrepancies in Chinese vendor's interpretation of the Cisco vs. Huawei intellectual property dispute
Products, Services, and Solutions
ZURB's Solidify Lets Designers Build And Test Clickable Prototypes For Any Device (TechCrunch) After a few months of private beta testing, the product design company ZURB is officially launching Solidify today, a tool that aims to help designers and developers to quickly create and test clickable prototypes of their websites and mobile applications. With Solidify, users can create these prototypes by linking together their existing sketches, wireframes or mockups. That's just the first
Google Play Rolls Out New Developers Console (TechCrunch) Google previewed the new version of the developer console for its Google Play app and media store at its annual I/O conference in June. The new version has been in private beta ever since, but as of today all developers can opt-in to the new console
Is Google about to start scanning your Android for malware? (Naked Security) A new edition of the Google Play app (Android's equivalent to the iOS App Store) appears to be preparing to add anti-virus functionality to the mobile operating system
Advanced Threats: Why You Have to See It to Protect it (Arbor Networks) Today, Arbor Networks proudly releases Pravail Network Security Intelligence (NSI) to the public. Pravail NSI provides cost-effective, enterprise-wide visibility into the network as well as insight into applications, content and users in order to better secure the network. Rather than providing visibility and intelligence only at the vanishing enterprise perimeter, NSI offers pervasive visibility throughout the enterprise
Proactive Detection and Automated Exchange of Network Security Incidents (CERT) Cert Poland published an article on the comparison of various incident data sharing systems, such as Abuse Helper, Megatron, CIF, and our own n6. It is in part inspired by an ENISA study conducted by us last year on the Proactive Detection of Network Security Incidents. In the article, we attempted to introduce objective criteria that can be used to evaluate the quality of threat data feeds and, using these criteria, we compared all (known to us) major systems for automated incident processing
Geolocation in iOS (Help Net Security) Take advantage of iPhone and iPad sensors and advanced geolocation technologies to build state-of-the-art location applications. Geolocation in iOS takes you deep inside Apple's Core Location
ISF launches Benchmark as a Service (Help Net Security) The Information Security Forum (ISF) launched a Benchmark as a Service (BaaS) tool. This online initiative will assist users in identifying strengths and weaknesses and compare their security status
Phil Zimmermann's Silent Circle Builds A Secure, Seductive Fortress (Telepresence Options) The cryptography legend is teaming up with two ex-Navy SEALs to offer encrypted phone calls, video conferencing, and text messages with no learning curve whatsoever. The target market? Businesspeople and government employees traveling abroad
Quant5 Analytics Startup Helps Harness Big Data (eWeek) Quant5, a startup in the predictive analytics arena, announced a partnership with Booz Allen Hamilton to
Bringing cognitive science to the intelligence community (The Hill) The challenges to the American intelligence community have never been greater
Whonix: Anonymous operating system (Help Net Security) Whonix is an anonymous general purpose operating system based on Virtual Box, Ubuntu GNU/Linux and Tor. By Whonix design, IP and DNS leaks are impossible. Not even malware with root rights can find
Record privileged sessions in Password Manager Pro (Help Net Security) ManageEngine announced the immediate session recording capabilities in its privileged password management software, Password Manager Pro. Now, privileged sessions launched from Password Manager Pro
Qualys expands QualysGuard PCI cloud platform (Help Net Security) Qualys has expanded QualysGuard PCI to assist organizations of all sizes to meet Payment Card Industry (PCI) Data Security Standards (DSS), including new internal scanning requirements
nCircle releases Configuration Compliance Manager 5.13 (Help Net Security) nCircle announced its Configuration Compliance Manager 5.13. This release adds the ability to audit MySQL and Microsoft Windows Server Internet Information Services (IIS) 7 configurations, updates PCI
Biometric authentication service for web and mobile service providers (Help Net Security) BioID announced BioID Connect, a cloud-based biometric authentication service that providers of web, cloud and mobile services can easily integrate to offer their users convenient strong authentication
Assess and monitor SAP security with ERPScan (Help Net Security) ERPScan released the version 2.1 of their Security Scanner for SAP, which is currently the only solution on the market to assess and monitor 3 tiers of SAP security: vulnerability assessment, ABAP
Google Officially Speeds Up Web Page Loads (InformationWeek) Google's mod_pagespeed software, finally exiting beta after two years, reduces load times of Web pages served by Apache Web servers by as much as fifty percent
Advertisers' 'Do Not Track' Protests Fail Smell Test (InformationWeek) An almost comic war of words continues between advertisers and Microsoft regarding do not track technology in Internet Explorer 10. Funny thing: The only tracking option advertisers want is opt-out
Bromium Strengthens Desktop Security Using Virtualization (InformationWeek) Ex-Citrix CTO Simon Crosby says Bromium's vSentry technology isolates suspicious activity in a virtual machine, then identifies and flushes it when the VM is erased
Technologies, Techniques, and Standards
Next-Generation Malware: Changing The Game In Security's Operations Center (Dark Reading) Sophisticated and automated malware attacks are spurring enterprises to shift their security technology, staffing strategies. In a quiet, secluded spot, a malware author is creating a new piece of code that no antivirus tool has ever seen before. It's not a particularly creative exploit – just a slight tweak on an existing Trojan – but it should be enough to bypass the signature-based defenses of the company he's targeting
How to Prevent Password Encryption Exploits (eSecurity Planet) Hackers love to target users' website passwords. Companies can thwart them by using multiple methods designed to make hacking as costly and time consuming as possible. When warning about the risks of website attacks like SQL injection and remote file inclusion, we often talk about how these breaches can reveal "sensitive data." What kind of sensitive data?
Cyber Security Awareness Month - Day 14 - Poor Man's File Analysis System - Part 1 (Internet Storm Center) Ok ok the "System" on the title may be a bit too much for what this diary will show, but it will give you a nice idea on how to start to build your own analysis system using open source and free tools. For the first part of this Diary we will focus on PE files, using three different tools for Static Analysis
Brittle Systems - Unmasking Enterprise Security's Quiet Danger (Infosec Island) You may not want to think about it, but besides all the obvious security vulnerabilities in your enterprise there is an even bigger problem, lurking just below the water. At that perfect intersection between critical system and security vulnerability is something many IT professionals acknowledge as the big pink elephant in the room - the "brittle system". These brittle systems start out as a pet project, or a prototype... or maybe someone's test case
Law enforcement well positioned to gain WHOIS changes (Fierce Government IT) The Internet Corporation for Assigned Names and Numbers says ahead of a planned Oct. 15 meeting in Toronto that law enforcement and registrars have found common ground over WHOIS proposals--although privacy watchdogs may continue to have objections
VanRoekel: Agencies to adopt NSTIC (Fierce Government IT) The Office of Management and Budget wants agencies to adopt the National Strategy for Trusted Identities in Cyberspace, or NSTIC, to enable shared, citizen identity management across government
Design and Innovation
Eclipse Xtend on JVM: Not as 'scary' as rival Scala (IT World) Co-architect Sebastian Zarnekow discusses Eclipse.org's statically typed language, benefits of compiling to Java source
Academia
Down to digits (Queen's Journal) As the practice of writing and solving codes — rules that determine how to disguise information — cryptography has other uses as well. In modern times, it's made things like credit card transactions possible. Before that, though, it was a component
Community college gets $5 million grant for cybersecurity training (ITworld.com) The school will develop training programs that focus on skills that agencies such as the U.S. National Security Agency and Department of Homeland Security are looking for, she said. The community college pushed for the designation as a cybersecurity
Legislation, Policy, and Regulation
Government breaks secrecy barrier on cyber security (The Hindu) Cyber security threats have recently emerged as the new defining security challenge in a networked global Internet economy. This explains why National Security Adviser Shivshankar Menon and his deputy Vijay Latha Reddy are focussed on engaging the private sector. Like others with similar responsibilities, the national security administration is more deeply concerned about security breaches and attacks through computers, mobiles and other devices than a physical act of war, and, in some cases, even a terrorist strike
UK government to develop social media laws that protect freedom of speech (IT Proportal) The UK must introduce new social media measures that protect free speech while appropriately responding to online harassment and threats, the director of public prosecutions has said. Following a rash of social media-related prosecutions, new guidelines surrounding how to treat and police social media must be discussed, Keir Starmer QC, the top prosecutor in England and Wales, told the BBC. The public right to be offensive has to be protected and UK laws must therefore be reviewed, he said
Prospects and challenges in asymmetrical warfare strategies in Indonesia (Jakarta Post) If these weaknesses can be used for a cyber attack, the potential loss for a national private bank as a result of a denial in operation for one day is Rp 2.12 trillion (US$223 million), or some 10.87 percent of the nation's money supply. Meanwhile, the
Collins to meet US privacy experts (NZ City) "I am keen to understand how cyber-bullying is addressed in other jurisdictions," Ms Collins said…Ms Collins departs on Sunday and will meet US Attorney General Eric Holder and the Secretary of the Department of Homeland Security Janet Napolitano
New Center, Council Aims to Foster Cybersecurity Discussion at a State Level (Threatpost) Hoping to better address the cause and concerns of cyber attacks on a state level, last week the National Governors Association (NGA) announced the creation of the Resource Center for State Cybersecurity, an initiative set into motion by Governor Martin O'Malley (D-Maryland) and Governor Rick Snyder (R-Michigan)
Multistakeholder process incompatible with GPRA? (Fierce Government IT) Government Accountability Office recommendations that agencies set performance goals with specific timelines and measures--a requirement of the Government Performance and Results Act--may not be compatible with the multistakeholder process, says Acting Commerce Secretary Rebecca Blank
San Francisco Proposes Revised Open Data Legislation, Plans To Hire Chief Data Officer (TechCrunch) San Francisco Mayor Ed Lee is unveiling proposed changes to the City of San Francisco's open data legislation today, creating more structure around how the city's data is shared with the public
Reid vows fresh effort to pass stalled cybersecurity bill (The Hill) Panetta, in a speech Thursday, said the country could face a "cyber Pearl Harbor," with attacks targeting the power grid, trains carrying chemicals, water plants and other critical systems. Reid, in a statement Saturday, said that when Congress
Stop Putting More Mouths at the Intelligence Table, Report Says (Security Management) The federal government needs to stop creating additional domestic intelligence capabilities and streamline an already unnecessarily duplicative counterterrorism and domestic intelligence architecture, according to a report co-authored by a former Department of Homeland Security (DHS) official and one of Los Angeles' top cops
Canada should heed warnings of 'cyber Pearl Harbor,' security experts say (Calgary Herald) Although Panetta's words are somewhat alarming, they point to a rising issue in national defence that the government needs to keep in mind when allocating resources, said NDP defence critic Jack Harris. "There is a real threat of cyber attacks," he said
Litigation, Investigation, and Law Enforcement
Feds Move Closer to Suing Google Over Search (Wired Business) The feds may be getting ready to pull the trigger on an antitrust lawsuit against Google for allegedly using its massive scale to squash competition and keep online advertising prices high
More than $400,000 stolen from Burlington city bank account (Skagit Valley Herald) Local police and federal investigators are looking into a report of more than $400,000 electronically stolen from a Burlington city government bank account, according to a statement released Friday. Burlington's finance department reported the theft Thursday, saying the money had been electronically transferred to various personal and business accounts throughout the United States during a two-day period, Burlington Police announced in a statement
China busts 700 cybercriminal gangs (ZDNet) China's Web policing campaign has led to the arrest of 8,900 suspects and deleting of 1.88 million "harmful" Web messages, says the Ministry of Public Security. A country-wide Web policing campaign led by China's Ministry of Public Security has dealt a blow to 700 cybercriminal gangs in the country
IRS challenged by identity theft (Fierce Government IT) A push by the Internal Revenue Service to deliver tax refunds more quickly has had the unintended consequence of fostering identity theft, a tax agency official said Oct. 10. "People are actually filing, and getting their money early--and often," said Sharon James, the director of cyber architecture and implementation at the IRS, while speaking at an AFCEA-Bethesda morning event
16-year-old makes fake warning of massive Cyber attack (Expatica Netherlands) A 16-year-old boy has confessed to police he was behind a YouTube film last week in which the hackers group Anonymous was said to announce plans to launch a major cyber attack on the Netherlands. The film won widespread publicity, prompting
Anonymous threatens Dutch internet service providers (New Europe) At the beginning of the month, hackers from Anonymous announced the start of Operation Dutch Pirate Bay (OpDutchPirateBay) as a way to protest against the blocks established to the sharing-site by some Netherlands Internet service providers (ISPs). The operation was supposed to start a couple of days ago on 13 October and the targets were supposed to be organizations such as anti-piracy outfit BREIN, Tele2, Ziggo, UPC and KPN. However, the sites were forced to take these measures by a ruling of the Dutch court; they didn't decide to take it voluntarily
China firms' risk to U.S. unproved (SFGate) Two Chinese companies with facilities employing more than 1,000 people in the Bay Area and California are, we were told last week, a threat to national security. Besides labeling the two companies - Huawei and ZTE - as such, a congressional committee report said neither telecommunication company should ever be allowed to merge with or acquire American companies. Nor, for that matter, should U.S. companies do business with them. "If I were an American company today," Rep. Mike Rogers, R-Mich., chairman of the House Permanent Select Committee on Intelligence, told "60 Minutes," "I would find another vendor if you care about your intellectual property, if you care about your consumers' privacy and you care about the national security of the United States of America
Harper in a pickle over China telecoms (Waterloo Record) Most of our internet and phone conversations are already susceptible to monitoring, either by Canada's Communications Security Establishment or the U.S. National Security Agency. Just don't put anything online that you don't want the CIA — or the