Cyber Attacks, Threats, and Vulnerabilities
Syrian Hacker Hacks Avast Anti-Virus Serbia Website, Demands Free Syria (Hack Read) Dr.SHA6H, a hacker who claims to be from Syria and who opposes President Bashar Ul Assad, has hacked and defaced the official website of Avast anti-virus distributor for Serbia. The site was defaced on 1st October, left with a deface page along with a message in which the hacker bashed governments around the world and human rights organizations. The deface message was expressed in the following words: When patience
12 NIC of CoCCA Council of Country Code Administrators Registrar Hacked by 1337 (Hackers Post) Council of Country Code Administrators Registrar Service has been hacked by pro hacker 1337. All NIC domain registrar websites under CoCCA have also been hacked. This is the biggest ever cyber attack on Domain Registrars
Gang Behind Adobe Hack Hit Other Unnamed Companies (Threatpost) The attackers behind the Adobe hack and breaches against data brokers such as LexisNexis have also been linked to similar intrusions against other unnamed organizations. Security expert Alex Holden, who along with security blogger Brian Krebs uncovered the data lost in the Adobe breach, said those compromised organizations are being notified
Adobe hack shows subscription software vendors lucrative targets (ComputerWorld) Hackers jack 3 million credit cards, many tied to Creative Cloud software–by–subscription service
Adobe source code breach — is it a gateway for new malware and exploits? (Naked Security) One of the researchers who came across Adobe's stolen source code online said that "this breach may have opened a gateway for a new generation of viruses, malware, and exploits." Is he right
Reactions from the security community to the Adobe breach (Help Net Security) Hackers have breached Adobe's network and have made off with personal, account, and encrypted financial information of nearly 3 million Adobe customers, as well as the source code for Adobe Acrobat, ColdFusion, ColdFusion Builder and other Adobe products
Adobe Breach: Was Source Code Real Target? (eSecurity Planet) Adobe is warning users about a massive breach of its systems that exposed both source code and user account information. Adobe Chief Security Officer Brad Arkin reported in an Adobe blog post that his company was breached with attackers gaining access to Adobe customer IDs
Adobe Customer Security Compromised: 7 Facts (InformationWeek) Could stolen ColdFusion and Acrobat source code spawn a new generation of zero-day attacks? Adobe began warning 2.9 million customers Thursday that their Adobe user ID, as well as passwords and credit card numbers — stored in encrypted format — were stolen in a series of "sophisticated attacks" that appear to date from August 2013, if not earlier
Adobe Resets Passwords after Massive Data Breach (Newsfactor) The massive breach into Adobe's networks may have been the work of the same attackers who compromised LexisNexis and other organizations, using the same techniques. Security professionals around the world should be on high alert for an increase in Acrobat-related attacks as hackers analyze the code for possible zero-day exploits
Oh dear. Gmail misidentifies Adobe password reset message as spam (Graham Cluley) On Thursday, Adobe announced that hackers had broken into its systems, stealing some of its source code and stealing information on some 2.9 million customers
New cybercrime–friendly iFrames–based E–shop for traffic spotted in the wild (Webroot Threat Blog) Thanks to the free, commercial availability of mass Web site hacking tools, in combination with hundreds of thousands of misconfigured and unpatched Web sites, blogs and forums currently susceptible to exploitation, cybercriminals are successfully monetizing the compromise process. They are setting up iFrame based traffic E–shops and offering access to hijacked legitimate traffic to be later on converted to malware-infected hosts. Despite the fact that the iFrame traffic E–shop that I'll discuss in this post is pitching itself as a 'legitimate traffic service', it's also explicitly emphasizing on the fact that iFrame based traffic is perfectly suitable to be used
Cybercriminals offer spam–friendly SMTP servers for rent — part two (Webroot Threat Blog) We continue to spot new cybercrime ecosystem propositions for spam-ready, cybercrime-friendly SMTP (Simple Mail Transfer Protocol) targeting QA (Quality Assurance) aware cybercriminals looking to gain access to dedicated mail servers with clean IP reputation, ensuring that their campaigns will reach the recipient's Inbox. Relying on 'in-house' built infrastructure or direct outsourcing to bulletproof hosting providers, these services continue empowering prospective customers with managed, popular spam software compatible services, potentially exposing millions of users to fraudulent or malicious email campaigns. Let's discuss yet another managed service offering spam-ready SMTP servers, and connect it to malicious campaigns that have directly interacted with
Latest Snowden Leak Explains NSA Subversion of Tor Users (Threatpost) The latest Snowden documents, made public today, suggest the National Security Agency is able to peel back the veil on a small fraction of Tor users at a time, but overall the integrity of the anonymity network remains intact. Tor promises its users a level of anonymity online for their Web activities by routing traffic through layers of proxies on the network until packets reach their final destination. The network is used by journalists, activists and other privacy-conscious individuals to keep communication secret
Report: NSA has little success cracking Tor (PC Advisor) The agency has attacked other software, including Firefox, in order to compromise the anonymity tool, according to documents
Report: NSA unmasking Tor users (Daily Caller) The National Security Agency has been waging a campaign to unmask the users of the anonymous Internet tool Tor, the Washington Post reports
Ministry of Mines and Energy was target of international espionage, 'Fantástico' reveals (Globo) Canadian security agency, a partner of the United States, mapped the ministry's phone calls and e-mails
Tom Sawyer Software Allegedly Hacked, Details of 60,000 Accounts Leaked (Softpedia) The hacker Nairb, the one who breached torrent site AhaShare.com a couple of days ago, claims to have hacked the systems of Tom Sawyer Software, a company that provides software and services for the development of highly scalable and flexible data visualization applications
Hackers target patient records (Express) Hackers are stealing medical records from NHS databases and using confidential information to blackmail patients, warned a cyber crime expert last night
US small business hack attack (SBS) A cyber attack forced a small US company to shut down its site for six weeks and cost $US75,000 in lost revenue and to overhaul its computer system. David Perdew learned during his company's semiannual training workshop in February that its website had been hacked. A threatening message on the site read: "David Perdew, you owe me money and I will expose the database to the world if you don't pay
After Silk Road seizure, FBI Bitcoin wallet identified and pranked (ZDNet) In the arrest of Silk Road founder Ross Ulbricht the FBI seized around 26,000 Bitcoins. The FBI's 'wallet' has been identified and is now the target of micropayments with pointed messages
Corps of Engineers water management site target of attempted cyber attack (Augusta Chronicle) A popular U.S. Army Corps of Engineers Web site that posts real-time water levels for Thurmond Lake was target of an attempted cyber attack in June and has been offline since then
Cyber Trends
Internet of Things, new opportunities for hackers and cybercriminals (Security Affairs) Internet of Things, a business growing at a compound annual rate of 7,9% that is a privileged target for hackers and cyber criminals
Every minute of every day, a bank is under cyber attack (Telegraph) Heard about the multi-billion pound takeover that collapsed because cyber criminals stole confidential information on the deal? Or how about the millions of pounds stolen on a regular basis from British banks? The chances are you probably have not and that is because few of these stories ever make the news. But look at the latest warnings from the Bank of England and senior industry executives and there is no doubt that the "cyber threat" has become one of the biggest problems facing the financial system
A Scary Look At Future Cybersecurity Threats (SiliconBeat) For a frightening crystal-ball look at where technology might be taking us, have a gander at this series of videos produced by cyber security firm Trend Micro
Marketplace
The Digital Age Of Cyber Insurance (Insurance News Daily) Considering all of the different web security measures out there, it's safe to say that the threat of cyber–attacks against your business is a very real one. But what happens if, despite taking precautions and engaging all manner of defenses, your business still suffers a cyber–attack? Are you now stuck with the consequences, left high and dry? Not really. Much in the same way that you still buy auto insurance despite the plethora of safety features in today's cars, you can buy cyber–insurance for your business
XON, Procera Networks establish sub-Sahara Africa partnership (ITWeb) XON has cemented a partnership agreement with Procera Networks, the global Internet intelligence company, to distribute, implement and support the OEM vendor's intelligent policy enforcement (IPE) PacketLogic products that provide actionable network intelligence and policy enforcement for network operators
Enterprise tech projects increasingly funded by business, not IT (Help Net Security) According to a new IDC survey of 1,200 line of business executives, 61% of enterprise technology projects are now funded by the business rather than the IT department, and IT spending driven by the functional business areas will continue to outpace IT spending by the IT organization in the future
Products, Services, and Solutions
Contrary to what you've heard, Android is almost impenetrable to malware (Quartz) Until now, Google hasn't talked about malware on Android because it did not have the data or analytic platform to back its security claims. But that changed dramatically today when Google's Android Security chief Adrian Ludwig reported data showing that less than an estimated 0.001% of app installations on Android are able to evade the system's multi-layered defenses and cause harm to users. Android, built on an open innovation model, has quietly resisted the locked down, total control model spawned by decades of Windows malware. Ludwig spoke today at the Virus Bulletin conference in Berlin because he has the data to dispute the claims of pervasive Android malware threats
Goodbye Microsoft Security Essentials: Microsoft Now Recommends You Use a Third–Party Antivirus (How-to Geek) Microsoft Security Essentials (Windows Defender on Windows 8) was once on top. Over the years, it's slid in the test results, but Microsoft argued the tests weren't meaningful. Now, Microsoft is advising Windows users to use a third-party antivirus instead
Emulex releases appliance for cloud, security and mobile deployments (Help Net Security) Emulex announced the new EndaceFlow 3040 NetFlow generator appliance, which is purpose-built for use with high-density 10GbE networks, generates 100 percent accurate NetFlows on up to four Ethernet links at speeds up to 10Gbps line rate
Verizon Unveils Enterprise Cloud, Storage Portfolio (ExecutiveBiz) Verizon has introduced a new portfolio of cloud computing infrastructure–as–a–service and object-based storage products for enterprise customers
BYOD vulnerability remediation from iScan Online (Help Net Security) iScan Online announced a new user-friendly approach that will prioritize and simplify how users remediate their own devices. The new BYOD remediation feature categorizes issues by vendor and directs
Arbor Networks improves its network intelligence solution (Help Net Security) Arbor Networks announced scalability and performance improvements to Peakflow SP. Many of the world's leading service providers and largest enterprise network operators rely on Arbor's Peakflow SP platform
High–performance wireless router from Netgear (Help Net Security) Netgear launched its newest dual-band 802.11ac wireless router, Nighthawk AC1900 Smart WiFi Router (R7000). Nighthawk combines a powerful 1GHz dual core processor with a SuperSpeed USB 3.0 port and
McAfee SIEM solution delivers situational awareness (Help Net Security) McAfee announced an "endpoint aware" SIEM solution that adds real time system state information to enhance situational awareness and streamline incident response. This solution brings together big
Shell Control Box now monitors web based applications (Help Net Security) BalaBit IT Security announced a new version of its Shell Control Box (SCB) activity monitoring appliance. The latest version of SCB makes forensics investigations easier, faster and more cost
iGT Launches its SCAP Hardening Scripts (Satellite Today) iDirect Government Technologies (iGT), a wholly owned subsidiary of VT iDirect (iDirect), has launched its Security Content Automation Protocol (SCAP) hardening scripts, an improved information assurance (IA) compliance and security support for network management systems, protocol processors and SatManage servers
Technologies, Techniques, and Standards
Banks put to the test over cyber security (Telegraph) Simulated online attack will test UK's banking, payments and markets systems. Banks will next month launch the most extensive cyber threat exercise in two years as the authorities test the preparedness of the financial system to survive a sustained online attack
Testing Cyber–Attack Responses (BankInfoSecurity) Banking institutions often stumble when it comes to communicating about cyber-attacks says Dennis Simmons, president and CEO of SWACHA, a regional payments association. But a simulated cyber-attack drill set for October aims to address those challenges, he says
Research and Development
Algorithm Writes People's Life Histories Using Twitter Stream (MIT Technology Review) If you tweet about your life, a new algorithm can identify your most significant events and assemble them into an accurate life history, say the computer scientists who built it
Google in Jeopardy: What If IBM's Watson Dethroned the King of Search? (Wired) Remember Watson, IBM's Jeopardy champion? A couple years ago, Watson beat the top two human champions Ken Jennings and Brad Rutter at a game where even interpreting the cue is complex with language nuances. (Not to mention finding answers at lightning speed on any subject matter.) Yet after the initial excitement, most people — except for a notable few — forgot about Watson. But we need to pay attention, and now. Because Watson heralds the emergence of "thinking machines" capable of knowledge creation that will trump today's knowledge retrieval machines
Firms, Researchers Seek Better Ways To Detect Evasive Threats (Dark Reading) As defenders increasingly use dynamic analysis and sandboxes, attackers have adopted a number of evasion techniques, forcing security firms and researchers to adapt
Can quantum cryptography be the only secure communication? (SFGate) QSAlpha, a San Francisco based phone designer, is in the midst of raising money to build a heavily fortified smartphone that it claims will be impervious to the snooping and identity theft of black hat hackers. The company plans to release the Quasar IV some time next year and claims the encryption techniques on the device are completely unbreakable
Academia
The real LA schools iPad scandal (ZDNet) A massive rollout of iPads in the LA Unified School District has been paused after the district's plans for content filtering and security quickly collapsed. Won't someone think of the children
Top Student Hackers in North America Progress to Final Round of NYU–Poly Cyber Security Awareness Week (Digital Journal) After 72 grueling hours of worldwide competition from 82 countries, 15 student teams will progress to the final round of one of the biggest Capture the Flag (CTF) hacking competitions, part of the 10th annual Polytechnic Institute of New York University (NYU–Poly) Cyber Security Awareness Week (CSAW). For the first time, a high school team scored so highly that the judges invited its members to join the heretofore all-undergraduate final round
Cybersecurity and Information Assurance Faculty (Inside Higher Ed) Harford Community College is a dynamic, open-access institution that promotes graduation, transfer, individual goal attainment, and career and workforce
Legislation, Policy, and Regulation
Chloe Smith and John Randall quit government ahead of reshuffle (Spectator) In the past few minutes, Deputy Chief Whip John Randall and Cabinet Office Minister Chloe Smith have quit the government ahead of an expected reshuffle this week. James outlined some of the movers and shakers in his column today, and we will bring you full details of the departures and moves as they come, although the word from Downing Street is that there will be no more departures tonight. Smith had the distinction of being able to announce her own departure on Twitter, saying she decided last month
How to improve the oversight of GCHQ (Guardian) Edward Snowden's revelations undermined public trust in the security system, but they have also provided an opportunity to reassess agency activities
The Already Abysmal NSA Surveillance Panel Is Now On Hold Due To The Government Shutdown (TechCrunch) Under–promise, and then under–under–deliver is the name of this game. The panel to vet the NSA set up by President Barack Obama, and nurtured by current Director of National Intelligence James Clapper, is now on hiatus, its funds being frozen as part of the larger governmental shutdown
Dual–leadership role at NSA and Cyber Command stirs debate (Washington Post) During suspected Iranian cyber–attacks on the Web sites of commercial banks last year, Gen. Keith B. Alexander, who simultaneously heads the country's largest electronic spy agency and the military's Cyber Command, proposed a simple solution: Shut off the attacks at their source
Japan, U.S. to adopt cyber–defense guidelines (Daily Herald) The Japanese and U.S. governments will incorporate a policy on how to respond to cyberattacks in the Japan-U.S. defense cooperation guidelines, a move aimed at countering a possible attack by China, according to Japanese government sources. Under the new policy, the Self-Defense Forces and the U.S. military would jointly respond if Japan's defense computer system came under a cyberattack
In Russia, Olympics Watch You (TechCrunch) The ever-curious Russian government is reportedly going to monitor "all communications" during the Winter 2014 Olympics. A Guardian newspaper investigation found authorities are hard-wiring the game's Black Sea resort of Sochi with pervasive surveillance. Investigators "found that major amendments have been made to telephone and Wi-Fi networks in the Black Sea resort to ensure extensive and all-permeating monitoring and filtering of all traffic, using Sorm, Russia's system for intercepting phone and internet communications"
Cloud privacy on EU's agenda (Boston Globe) The words "cloud computing" never appeared in a 119-page digital privacy regulation introduced in Europe last year. They do now
Legal cover for intelligence units long overdue (The New Indian Express) Wikileaks and new information about the blanket and widespread snooping by NSA of cyber mail of millions have raised serious concerns about privacy of individuals. New programmes like Tempora and Prism enable the GCHQ of the UK and NSA of the US to access underground cables and intercept petabytes of information. More important, the capability to store this information has been developed now. Experts calculate that now all books, manuscripts, journals in the British Library can be transferred to computers within minutes. In the UK, a demand is being made to review existing legislation on oversight in the light of the new technology which has greatly enlarged capacities of snooping, affecting the citizen's right to privacy. Changes in Intelligence Services Act of 1994 which provide for Parliamentary oversight of intelligence services have been suggested
Threat information sharing builds better cyber standards, expert says (Federal News Radio) Cybersecurity experts often consider public-private partnerships to be something of a mixed bag. "On the one hand, they're cited as critical…to improving the government's awareness of what's occurring on private-sector networks and also really improving private sector ability to defend networks," said Anne Neuberger, director of the National Security Agency's Commercial Solutions Center. "On the other hand, they're frequently criticised as ineffective"
Litigation, Investigation, and Law Enforcement
BlackHole Exploit Kit Author Reportedly Arrested in Russia (Softpedia) Rumor has it that Paunch, the author of the notorious BlackHole exploit kit, and his partners have been arrested in Russia
UK National Cyber Crime Unit becomes operational (ComputerWeekly) The new National Cyber Crime Unit (NCCU) has become operational as part of the UK's new National Crime Agency (NCA) aimed at fighting serious and organised crime
Ars readers react to Silk Road's seizure (Ars Technica) This week Ars and its readers were surprised by the sudden shutdown and seizure of the Silk Road, a Tor-enabled hidden marketplace used by people in the know to buy and sell goods (read: drugs). At the same time, the FBI announced that it had arrested a man named Ross William Ulbricht in San Francisco. Ulbricht, the bureau alleged, went by the moniker "Dread Pirate Roberts" and ran the, um, Silk Road show
Bitcoins, Web–Exchanges Make Following Money Near Impossible (Threatpost) The good news is that cooperation between the various law enforcement agencies in different countries all over the world is at an all time high; the bad news is that cybercriminals have embraced a potent combination of the anonymous online currency Bitcoin and equally anonymous, Web-based currency exchanges located outside U.S. jurisdiction that allow them to turn those Bitcoins into real money, making it more difficult than ever to track the bad actors down
The FBI could end up with millions of dollars in bitcoins—and it plans to sell them (Quartz) The US Federal Bureau of Investigation (FBI) could end up owning up to 5% of all bitcoins in circulation following its crackdown on the illegal drug market Silk Road. Update: This speculative number is based on an assertion of an FBI spokesperson, who guessed that the Silk Road founder's personal bitcoin wallet could contain up to $80 million in bitcoins. That would require that founder Ross Ulbricht had kept essentially all of the revenue he earned from Silk Road in bitcoin, which is highly unlikely
DOJ's non–ironic arguments rejecting Google, Facebook user data transparency requests (ZDNet) On Monday the US Department of Justice rejected the formal request of Google, Facebook and other Internet giants to share government user data requests with the public with some unsettlingly non-ironic arguments against data transparency
Cheeky Lavabit did hand over crypto keys to US government after all — printed in a 4–point font (Naked Security) Just under two months ago, we wrote about the mysterious closure of Edward Snowden's secure email service, Lavabit. With the unsealing of US court documents, a fascinating (and cheeky) cryptographic tale has emerged
Lavabit's Fight to Protect its Customers (Infosecurity Magazine) Ladar Levison shuttered his secure email service Lavabit in early August, saying he did not wish to "become complicit in crimes against the American people." Law enforcement involvement was obvious; but the details were not
NongHyup demands 5 bln won from AhnLab over North Korean cyberattack (Yonhap News) NongHyup Bank said Friday that it will demand 5 billion won (US$4.7 million) from AhnLab Inc., an antivirus software firm, for damage from an allegedly North Korea-led cyberattack in March. The banking unit of NongHyup Financial Group Inc. said AhnLab's software program failed to deal with malicious code attacks on March 20, inflicting financial damage to the company
Don't put personal stuff on your personal BYOD smartphone (FierceMobileIT) Privacy risks of BYOD for both employee and employer. Employees should not put personal information on their own smartphones if they use them at work, advises James Kendrick with ZDNet. While the smartphone may be owned by the employee, the employer can get access to the phone if it is used for work through a BYOD policy