Cyber Attacks, Threats, and Vulnerabilities
Hacker group attacks North's Web sites again (Korea Joongang Daily) The international hacker collective Anonymous, which previously hacked the pro-Pyongyang propaganda Web site Uriminzokkiri and leaked some 15,000 members' personal profiles on the Internet in March, carried out its second cyberattack of the North's Web sites yesterday. One of the hackers who conducted the attack, identified by the ID @AnonyOpsKorea, stated on Twitter that the attack began at 10 a.m. yesterday Korean time, and that they successfully hacked the official Web sites of the North's public
Anonymous and Anonghost started #OpPetrol with the leak of Saudi Arabia Govt. Email Login credentials (Hackers News Bulletin) After #OpUSA in which Hackers hacked, defaced many websites, leaked emails and data of govt. websites and financial institutions of USA, we also collected a plethora of hacked stuff under #OpUSA and we also got many fake hacks, defacement from various hackers over the world but after their #OpUSA hackers started #OpPetrol. In the start of #OpPetrol hackers claim to hack 16 Gov Emails login credentials of Saudi Arabia Government, according to hackers this latest operation will target 12 Countries
Can The Jihadi Geek Squad Secure The Web For Al Qaeda? (TPM) "Most cryptography applications today use public-key cryptography. Every web browser has public key cryptography, so when you do your online banking, you go through SSL and that uses pub key cryptography," explained Phil Zimmermann president and
Febipos Malware in the wild that steals your Facebook profile (cyberwarzone) Microsoft has discovered a trojan which hijacks Facebook accounts. The malware penetrates through a Chrome extension or Firefox add-on. Safari and Internet Explorer seem to be safe. Microsoft warns that the malware takes over the Facebook account and then performs various unwanted actions. The malware - now known as Febipos was first found in Brazil. The malware can chat, share content, post messages to other profiles, comment on posts, like pages and join Facebook groups. In the warning report
Hijacking Facebook accounts via expired Hotmail accounts (Help Net Security) Three researchers from Rutgers University in Newark, New Jersey, have discovered a simple way to hijack Facebook accounts by misusing existing features and responses of Facebook, Microsoft's Hotmail
What If We Thought More Often About Being Tracked Online? Man Stalks Himself To Find Out (Fast Company) After tracking his every online (and physical) move for about two months, NYU grad student Frederico Zannier is selling his online data--for a mere $2 per day
An unholy alliance - Fake Anti-Virus, meet Bogus Support Call! (Naked Security) What happens when a scammer decides to marry fake anti-virus and bogus support calls? Paul Ducklin has a bit of a weekend chuckle at the result
Tomren Wealth Management Suffers Security Breach (eSecurity Planet) California's Tomren Wealth Management recently notified clients of a server breach that occurred between February 21 and March 6 of this year (h/t DataBreaches.net). The notification letter [PDF file] states that while forensic investigators found that spamming software had been loaded onto the server, it's unclear whether the attacker also accessed any clients' personal information. Still, the letter states, the server did contain clients' names, Social Security numbers, driver's license informat
Android Font Apps Hosted on Google Play Install Spyware (Softpedia) Security researchers from Webroot have come across a couple of shady Android font apps hosted on Google Play. The apps install not only fonts, but also a piece of spyware. The applications in question, Free Galaxy Classic Fonts and Galaxy Fonts, allow users to install additional fonts on their Android smartphones. However, experts found that besides the fonts, an Android spy app called iKno is also installed. iKno monitors SMSs, calls, and the device's location, and sends the information back to a
Researchers uncovered new malware used by Chinese cyber criminals (Hacker News) Trend Micro researchers have uncovered a new backdoor piece of malware from the Winnti family, which are mainly used by a Chinese cybercriminal group to target South East Asian organizations from the video gaming sector
The U.S. military's supply chain risk called 'frightening' (Computer World) New report from the Alliance for American Manufacturing questions the military's use of foreign semiconductor and telecom equipment. The U.S. military's reliance on foreign-made products, including telecommunications equipment and semiconductors, is putting the nation's security at risk by exposing agencies to faulty parts and to the possibility that producing nations will stop selling vital items, according to a new report from the Alliance for American Manufacturing
Newly launched E-shop for hacked PCs charges based on malware 'executions' (webroot) On the majority of occasions, Cybercrime-as-a-Service vendors will sell access to malware-infected hosts to virtually anyone who pays for them, without bothering to know what happens once the transaction takes place. A newly launched E-shop for malware-infected hosts, however, has introduced a novel approach for calculating the going rate for the hacked PCs. Basically, they're selling actual malicious binary executions on the hosts that the vendor is managing, instead of just selling access to the
DDoS Services Advertise Openly, Take PayPal (KrebsonSecurity) The past few years have brought a proliferation of online services that can be hired to knock Web sites and individual Internet users offline. Once only found advertised in shadowy underground forums, many of today's so-called booter or stresser services are operated by U.S. citizens who openly advertise their services while hiding behind legally dubious disclaimers. Oh, and they nearly all rely on Paypal to receive payments. Many of these booter sites are based on the same source code, meaning
China: Online predator or hapless host? (The Register) The People's Republic of China has been singled out in increasingly unequivocal language by the US and its allies as one of, if not the greatest, source of online attacks, be they perpetrated by criminals or the Chinese state itself. But amid all the anti-Beijing bluster, has China been given an unfairly bad rep
US government is 'biggest buyer' of zero-day vulnerabilities, claims report (Network World) While the Pentagon is pointing its finger at China for hacking and cyberespionage, a Reuters report claims China's not the only cyber-devil…we are too. In fact, the US
Booming 'zero-day' trade has Washington cyber experts worried (Reuters) The proliferation of hacking tools known as zero-day exploits is raising concerns at the highest levels in Washington, even as U.S. agencies and defense contractors have become the biggest buyers of such products. White House
Online payment provider CashU warns Middle East PC users against potential increase in malware threats (Albawaba) Leading regional online payment provider CashU has warned Middle East PC users to remain diligent and protect their PCs with up to date antivirus and antimalware software in light of the recent malicious attacks across the region. The virus prompts users with an onscreen message that their PC is locked and asks users to send a set amount of money via CashU service to have their PC unlocked. While CashU service has not been interrupted nor has the integrity of our customers' information been breached
Manila-Taipei cyberwar threatens to escalate as PHL group vows 'operation' (GMA News) The Anonymous #Philippine Cyber Army claimed Comelec's website www.comelec.gov.ph, which was still inaccessible Sunday afternoon, remained under cyber-attack by Taiwan. "Comelec is still under cyber attack by Taiwan. It has dealt great damage and
Comelec website down 2 days before polls, possible victim of cyber attack (GMA News) With two days before the May 13 elections, the Comelec website, along with several other government websites, became inaccessible. Comelec spokesman James Jimenez claimed that this was due to the volume of traffic rather than sabotage. Jimenez
US-Japan foreign ministry files thought leaked (AsiaOne) Last year's cyber-attack on the farm ministry, which is thought to have resulted in the leak of about 3,000 documents overseas, also included documents created jointly by the Foreign Ministry and the US government, sources revealed
City of Mobile Police Hacked & Data Leaked by Turkish Ajan (cyberwar news) Turkish Ajan hacker group has today announced a leak of data from the City of Mobile Police. The City of Mobile police is located in the town of Mobile which claims to be the 3rd largest city in the U.S. State of Alabama and is the official police department for the county and surrounding area. The announcement has come from the official Twitter account of Turkish Ajan
Washington Court Data Breach Exposes 160K SSNs (Threatpost) Attackers using a vulnerability in Adobe's ColdFusion app server were able to compromise servers belonging to the Washington State court system sometime in the last few months and walked off with data belonging to as many as a million residents of the state. The attackers had access to 160,000 Social Security numbers and the driver's license numbers and names of a million people
Administrative Office of the Courts announces data breach (Chinook Observer) Upon continued investigation, with the assistance of the Multi-State Information Sharing and Analysis Center (the key resource designated by the U.S. Department of Homeland Security for cyber threat prevention response and recovery for state, local and
Bitdefender Warns of 419 Scam Spreading on LinkedIn (eSecurity Planet) Bitdefender researchers recently received a LinkedIn message from a user identifying himself as Aziz Mohammed, a manager at Malaysia's Standard Chartered Bank. The LinkedIn user's profile appeared to have been built using the photo and profile
Patient data at risk after X-ray scam (FierceHealthIT) Protected health information for more than 17,000 patients of an orthopaedic clinic in North Carolina is at risk, thanks to a silver-mining vendor scam
Schnucks CEO Issues Message on Cyber Attack (KMOX.com) "I sincerely apologize for the inconvenience caused by the cyber attack on our card payment system. We were able to block access on March 30th and we increased security." Schnuck said customers can use any new debit and credit cards at the store "with
Security Patches, Mitigations, and Software Updates
Adobe Shipping Critical Fixes for Reader and Acrobat in May Patch (Threatpost) Adobe is set to publish security updates in various versions of its Acrobat and Reader software packages along with Microsoft in the May edition of Patch Tuesday
Microsoft Security Bulletin Advance Notification for May 2013 (Microsoft Security TechCenter) This is an advance notification of security bulletins that Microsoft is intending to release on May 14, 2013. This bulletin advance notification will be replaced with the May bulletin summary on May 14, 2013. For more information about the bulletin advance notification service, see Microsoft Security Bulletin Advance Notification
Cyber Trends
Ten Emerging Threats Your Company May Not Know About (Dark Reading) Some new attacks get a lot of attention. Here's a look at 10 that haven't, but ought to be on your radar. Security professionals are certainly not at a loss for things to worry about. Indeed, the list of threats to corporate systems and the data they contain is very long, and IT departments are constantly challenged in their efforts to mitigate these risks. Unfortunately, the security threats you know about are only the proverbial tip of the iceberg. Lying underneath the churning waves of business requirements and technology shifts is the bottom of the berg -- a threat that's scariest because it's largely unknown
US cyberwar strategy stokes fear of blowback (NBCNews.com) "The only people paying are on the offensive side," said Charlie Miller, a security researcher at Twitter who previously worked for the National Security Agency. A spokesman for the NSA agreed that the proliferation of hacking tools was a major concern
Cyber Insecurity: The 21st Century's Version of Air Pollution (Time) Then-defense secretary Leon Panetta referred to the threat of cyber attacks as a "cyber Pearl Harbor." - A senior Cyber Command official has declared that we are in the middle of a "cyber arms race." - Other experts have used public health as a
Power companies present cybersecurity gaps (USA Today) The U.S. military's top cybercommander said some of the nation's utility companies have lagged in investing in network security, raising concerns about the vulnerability of the nation's critical infrastructure. "The power industry has a wide scale, from companies that are very good to companies that need a lot of work and a lot of help," Gen. Keith Alexander, commander of Cyber Command, said Friday
Can collaboration defend US critical infrastructure? (FCW.com) Keith Alexander, National Security Agency director and commander of U.S. Cyber Command. "When you talk about legislation and developing standards, the power companies are really the ones who have the biggest problem, because if you say, 'We want
Nearly two-thirds of organizations do not enforce encryption policies, says analyst (FierceMobileIT) BYOD presents enterprises with a number of security and privacy challenges that must be addressed, Gib Sorebo, chief cybersecurity technologist at research firm SAIC, told an audience here at Interop on Thursday. Sorebo related that nearly two-thirds of organizations do not enforce encryption policies, which opens up corporate data to risk of unauthorized disclosure
Marketplace
Former presidential advisors named to Gov. Andrew Cuomo's Cyber Security Advisory Board (Auburn Citizen) Sony senior vice president and chief information security officer Phil Reitinger. Reitinger was the director of the National Cyber Security Center at the U.S. Department of Homeland Security. He also worked at the Defense Department's Cyber Crime
ANALYSIS: Why this surge of VC funding is different (USA Today) With companies and governments spending billions to repel cyber threats, a surge of venture capital has begun pouring into companies developing cybersecurity technologies. "Cyber is the front line of the conflict, and there is a tremendous need for solutions which secure the digital frontier," says Bob Ackerman, managing director of Allegis Capital
Huawei CEO Dismisses Security, Spying Concerns (InformationWeek) Company founder denies that Huawei employees would ever be forced to spy for China
Jim McAleese: The 2013 Sequester and How GovCon Firms Have Responded so Far (GovConWire) Jim McAleese, founder and principal at McAleese & Associates, recently caught up with Executive Mosaic, parent company of the Potomac Officers Club (P.O.C) and publisher of GovCon Wire, to provide some detailed insight and perspective into the 2013 sequester. McAleese will be speaking on May 14 at the P.O.C's Post-Sequestration Summit with nine other government and industry thought leaders about
Praescient Analytics: Decoding Data for National Security and Defense (Tech Cocktail) Katie Crotty, Yvonne Soto, and Patrick Ryan embarked on a mission when they started Praescient Analytics: revolutionize the way the world understands information with the latest analytics tools. It began as a modest offering, but soon blossomed into a $20-million-dollar business with clients in the Department of Homeland Security, the Department of Defense, and the intelligence community
A new defense contractor opens an office in WestGate Tech Park (Greene County Daily World) WestGate at Crane Technology Park has a new defense contractor that provides engineering and technical services support to a wide range of world-wide clients. Camber Corporation is opening a technology office in the tech park. Camber Corporation's customers span the global and federal market place and include Homeland Security, Department of Defense, and state governments as well as wide ranging international clients from Dubai to Japan, the Philippines, Africa, and Asia
Bloomberg bars reporters from client activity after spying scandal (Sydney Morning Herald) Financial data and news company Bloomberg says it has corrected a "mistake" in its newsgathering policies and cut off its journalists' special access to client log-in activity on the company's ubiquitous trading information terminals after Goldman Sachs complained about the matter last month. A person familiar with the matter said on Friday that Goldman Sachs became concerned about outside access after a Bloomberg reporter, investigating what she thought was the departure of a Goldman employee
Bloomberg's culture is all about omniscience, down to the last keystroke (Quartz) At Bloomberg, omniscience is a feature not a bug. The company's New York City skyscraper unfurls around its courtyard like a panopticon. Inside, the decor is punctuated at every turn with fish tanks. No one has an office to hide in, and the meeting rooms are enclosed in clear glass
What Bloomberg employees can see when they snoop on customers (Quartz) Bloomberg LP is in damage-control mode. Some of its largest customers have publicly accused the firm's journalists of snooping on their usage of Bloomberg terminals, the firm's wildly profitable information service for investors
Obama's Cyber Focus Fuels Check Point Advance (Businessweek) Check Point Software Technologies Ltd. (CHKP) had its longest…Obama and intelligence officials have said one of their top policy
Products, Services, and Solutions
Apple can decrypt iPhones for cops; Google can remotely "reset password" for Android devices (Boing Boing) Apple apparently has the power to decrypt iPhone storage in response to law-enforcement requests, though they won't say how. Google can remotely "reset the password" for a phone for cops, too
Open source NAC PacketFence 4.0 released (Help Net Security) PacketFence is a fully supported, trusted, free and open source NAC solution
Technologies, Techniques, and Standards
Are you obligated to point out security flaws if you're just hired for a small job? (Ars Technica) You don't want to throw an employee under the bus, but security holes should be fixed
Extracting Digital Signatures from Signed Malware (Internet Storm Center) Sometimes attackers digitally sign their malicious software. Examining properties of the signature helps malware analysts understand the context of the incident. Moreover, analysts could use the signature as an indicator of compromise. Here are some tips and tools for determining whether a suspicious Windows executable has been signed and for extracting the embedded signature in a Linux environment. We'll look at Pyew, Disitool and get a bit of help from OpenSSL
Bringing networking and security together through network automation (Help Net Security) The past ten years have seen a proliferation of increasingly complex network devices. Coupled with the recent rise in adoption of BYOD policies, mobile working practices, virtualisation and cloud
Research and Development
Google Has Aggressive Plans for Strong Authentication (Threatpost) Google has a long-term plan for strong authentication that ties log-ins to the operating system and hardware, and puts up barriers against man in the middle attacks and weak passwords
Did government scientists really create a secret quantum internet? (io9) But for two years, researchers at Los Alamos National Labs have been working on something they call network-centric quantum communications -- and this could usher in the next generation of hyper-secure, scalable, and affordable quantum cryptographic
Academia
How UNSW creates the world's best hackers (Sydney Morning Herald) It's noon on Tuesday and a group of four students are hovering over their laptops having just bunkered down in a room at UNSW's Kensington campus, where they're going to be for the next 24 hours hacking into IT systems. Computer cables, power boards, water bottles and brown paper bags full of food are spread across the table. Looking over the students' shoulders is their admired IT security lecturer and mentor, who likes to distance himself from being called an academic, laughs off the suggestion
Academic institutions urged to improve network and DNS configurations (Help Net Security) The Research and Education Networking Information Sharing and Analysis Center (REN-ISAC) has issued an alert to IT security staff, and network and DNS administrators urging them to improve their network and DNS configurations to prevent their institution from being an unwitting partner in DoS attacks
Legislation, Policy, and Regulation
Beyond Cellphone Unlocking: Don't Kill the First Reasonable DMCA Reform Bill (Wired) A funny thing happened on the way to Congress yesterday. For once, lawmakers introduced a common-sense bill: the Unlocking Technology Act of 2013. If passed, the bill would give Americans freedom to do what they need — unlock, repair, maintain
FBI's Latest Proposal for a Wiretap-Ready Internet Should Be Trashed (Wired) While it's not yet clear how dire the going-dark scenario really is, the statutory "cure" proposed by the FBI — with fines starting at $25,000 a day for companies that aren't wiretap capable — would surely be worse than the
Taiwan needs to speed up work on cyber-attack defence (The Nation) In an ever-growing virtual world, cyberwarfare is likely to overshadow ground
Cyber-attacks show PH 'vulnerability' - group (Rappler) The group behind the crowdsourced Magna Carta for Philippine Internet Freedom, which is being pushed by Sen Miriam Defensor Santiago, said that the recent distributed denial of service (DDoS) attacks on government websites showed the "vulnerability" of the country's Internet security
Japan, U.S. conclude 1st dialogue on cyber defense cooperation (GlobalPost) The participants included officials from Japan's Defense Ministry and National Information Security Center as well as the U.S. Department of Homeland Security and the Pentagon. The dialogue followed the decision of Japan and the United States to
Should Companies Be Required to Meet Certain Minimum Cybersecurity Protections? (Wall Street Journal) Cybersecurity specialists tackle the question of whether the government should set standards for protection of corporate computer networks. U.S. companies appear to have lots of not-so-secret secrets
Do we already live in a police state? (Examiner.com) However, the National Security Agency has spied on American citizens since at least 2001, according to the Electronic Frontier Foundation. Prior to the September 11 terrorist attacks, the NSA had listened in on several of the hijackers' phone calls
In our opinion: Wiretapping laws (Deseret News) In Utah, the National Security Agency is completing construction of a super-secret data center in Bluffdale that will reportedly have the wherewithal to intercept and monitor the entire daily tsunami of worldwide electronic communications
Litigation, Investigation, and Law Enforcement
Feds Won't Say if NSA Surveilled New York Terror Suspects (Wired) Federal authorities prosecuting two brothers on allegations they plotted to blow up a high-profile target in New York City are refusing to divulge whether they cracked the case by employing a style of warrantless electronic eavesdropping first introduced by President
UK spyware used against Bahraini activists – court witness (RT) UK spy technology was used against British citizen in Bahrain, new evidence filed in a UK high court has claimed. Activists are calling for a judicial review of the UK's failure to hold firms accountable for sales of spy software to repressive regimes. The evidence submitted contains a witness statement from Bahraini activist and writer Ala'a Shehabi, 30. She has both Bahraini and British citizenship, and is one of the founding members of Bahrain Watch, an independent research and advocacy organization
Legal Showdown on Cybersecurity (Wall Street Journal) When hackers broke into computer systems at Wyndham Worldwide Corp. and several of its hotels, they allegedly stole payment-card numbers for hundreds of thousands of consumer accounts. They also sparked a high-stakes legal battle over whether a federal agency can use its consumer-protection powers to police cybersecurity practices at American companies
Bank Muscat mulls options to recover card fraud money (Times Of Oman) Bank Muscat on Sunday said it is examining all options to recover $39 million it lost in a major fraud unveiled by US authorities last week. "Bank Muscat is aware from press reports that a number of arrests in different jurisdictions have taken place in relation to the prepaid debit card fraud incident which we disclosed on February 25 and 26," the bank said in a disclosure statement posted on MSM website Sunday
Banks must get serious about cyber security (Gulf News) In the global rush to become part of the growing digital economy, few people seem to be paying much attention to security. Every week there are new stories of computer hackers finding inventive ways of breaking into computers, with the end result usually being the loss of millions of dollars. Last weekend, two local banks became the latest victims of online fraud when hackers found a way to increase the limit of prepaid debit cards, which were then used at ATMs to withdraw cash. Over $40 million
Massive Cyber-Heist Result of Weak Endpoint Security (PC Magazine) A cyber-gang walked off with $45 million in cash in an audacious cyber-attack earlier this year, according to court documents unsealed this week. As PCMag.com reported on Friday, eight individuals living in New York were indicted for their roles in a
Hacking Skills Used to Stop Cyber Attacks (WLBZ) Yesterday, U.S. prosecutors announced the arrest of seven suspects involved in a coordinated cyber attack. The suspects are accused of stealing $45 million from banks using ATMs across the world. This is not the first
Cyber-thieves snatched $45 million via Indian back office (The Hindu) Highlighting the global scale of the crime, Ms. Lynch said the U.S. Secret Service and Department of Homeland Security had worked in concert with law enforcement authorities in Japan, Canada, Germany, Romania, the United Arab Emirates, Dominican
TRA denies penalties for using Skype in UAE (Emirates 24/7) The Telecommunication Regulatory Authority (TRA) has denied media report that UAE residents could be fined and imprisoned for using Skype. A report said today that some of the services that Skype offers - like making telephone calls - need a licence from the TRA and the violators could be fined up to Dh1 million and also imprisonment