Cyber Attacks, Threats, and Vulnerabilities
An anti-US Stuxnet? Startling attack against industrial complex revealed. (Christian Science Monitor via Yahoo!News) A cyber-espionage campaign targeting industrial control system networks bears all the hallmarks of sabotage — and has an apparent Russia connection, one group says
Energy providers hacked through malicious software updates (CSO) Symantec says the Dragonfly campaign, originating in Eastern Europe, sought to gain persistent access to energy suppliers
The threat to Taiwan's information security in CSSTA (Taiwan News) As Next Media Group and the Apple Daily in Hong Kong and Taiwan assessed the damage from two consecutive days of large-scale cyber attacks late last week, an investigation by security units in Taiwan pointed to a cyber warfare unit in China as the likely culprit in one of the most massive direct denial of service (DDoS) attacks in the history of the Internet
Dropbox Used to Attack Taiwanese Government (Fresh Business Thinking) The cloud storage service, Dropbox, is being used to command and control a cyber attack on the Taiwanese government, according to a cyber security expert
Warning Signs Corporate Computers Could be Talking to Cloud-based Malware (Computerworld) The recent discovery of command-and-control software sending instructions to malware-infected computers from Dropbox raises the question of how such threats can be discovered
WordPress plugin with 1.7 million downloads puts sites at risk of takeover (Ars Technica) Sites running MailPoet should install update ASAP
Facebook SDK flaw allows unauthorized access to Facebook accounts (Help Net Security) MetaIntell has uncovered a significant security vulnerability in the Facebook SDK (V3.15.0) for both iOS and Android. Dubbed Social Login Session Hijacking, when exploited this vulnerability allows an attacker access to a user's Facebook account using a session hijacking method that leverages the Facebook Access Token (FAT)
Geodo infostealer gets help from worm (Help Net Security) The distribution potential of the infamous Cridex infostealer (also known as Feodo or Bugat) just went up a notch, as a new version of the malware works in conjunction with a worm that sends out emails with a link to download a zip file containing the trojan
Microsoft issues mea culpa to No-IP, but service reportedly remains down for many (Ars Technica) A DDoS on the heels of Microsoft's takeover of 22 No-IP domains makes things worse
Europe and the U.S. Targeted by Jenxcus and Bladabindi Malware (Softpedia) Believed to be created by two Kuwaiti and Algerian nationals, the Jenxcus (NJw0rm) and Bladabindi (NJrat) malware families focused mostly on users in Europe in the past 12 months, but they affected the United States, too
Botnet Advancements — The latest trends in botnet activities (Trend Micro: Simply Security) In my previous post I discussed the basics of a botnet in which we included an infographic giving you a visual representation of how botnets are formed, how they work, and how to not become a zombie. In this new post, I'm going to dive a bit deeper into the latest trends we've seen with cybercriminals' use of botnets and some of the latest statistics we've gathered over the first half of this year
Brazilian 'Boleto' Bandits Bilk Billions (Krebs on Security) With the eyes of the world trained on Brazil for the 2014 FIFA World Cup, it seems a fitting time to spotlight a growing form of computer fraud that's giving Brazilian banks and consumers a run for their money. Today's post looks at new research into a mostly small-time cybercrime practice that in the aggregate appears to have netted thieves the equivalent of billions of dollars over the past two years
Anti-piracy music industry site hacked, turned into Pirate Bay proxy (Ars Technica) Payback for music group winning injunction blocking 256 Pirate Bay IP addresses
Anatomy of a buffer overflow — Google's "KeyStore" security module for Android (Naked Security) Here's a cautionary tale about a bug, courtesy of IBM. Not that IBM had the bug, just to be clear: Google had the bug, and IBM researchers spotted it
DOWNAD Tops Malware Spam Source in Q2 2014 (TrendLabs Security Intelligence Blog) DOWNAD, also known as Conficker remains to be one of the top 3 malware that affects enterprises and small and medium businesses. This is attributed to the fact that a number of companies are still using Windows XP, susceptible to this threat
Advanced Persistent Threats 'absolutely exist' says Palo Alto Networks (Computing) Advanced Persistent Threats (APTs) are real and "absolutely exist", and should not be dismissed as sales hype, according to firewall firm Palo Alto Networks
Security Patches, Mitigations, and Software Updates
Microsoft boosts security in Outlook and OneDrive (Tech Guru Daily) Microsoft is increasing the levels of security in some of their major products, reinforcing legal protections and increasing transparency
Cyber Trends
The 5 Biggest Cybersecurity Myths, Debunked (Wired) "A domain for the nerds." That is how the Internet used to be viewed back in the early 1990s, until all the rest of us began to use and depend on it. But this quote is from a White House official earlier this year describing how cybersecurity is too often viewed today. And therein lies the problem, and the needed solution
Big data security analytics mantra: Collect and analyze everything (NetworkWorld) Sampling security data is no longer adequate or necessary — CISO mindsets are due for a change
Security worries hold firms back from hybrid cloud (FierceITSecurity) Security worries are the top reason enterprises are not adopting hybrid cloud, according to a survey of 100 "influencers" in the global cloud market by TechNavio
Big cyber hack of health records is 'only a matter of time' (Politico) The health world is flirting with disaster, say the experts who monitor crime in cyberspace. A hack that exposes the medical and financial records of tens of thousands of patients is coming, they say — it's only a matter of when
Better put on your running shoes (Insurance News Net) Most health organizations fully understand that they are at great risk in terms of cyber attacks, but few possess the proper perspective in terms of developing an effective cyber attack defense plan. Paul Calatayud, Chief Information Security Officer, Surescripts, perhaps puts it best when he says, "Preparing for a cyber attack is like preparing for a bear attack. You don't train to fight the bear. You prepare to be faster than the guy standing next to you"
New KnowBe4 Survey Shows IT Pros Concern Over Ransomware Skyrocketing (Insurance News Net) A new survey by IT Security company KnowBe4 shows the growing alarm among IT Pros about the threat of ransomware like the infamous CryptoLocker. The KnowBe4 June 2014 survey of over 300 IT Pros compared the levels of concern over ransomware to a similar survey by IT Security company Webroot in January this year. The study showed the rapidly growing apprehension over ransomware, rising to 73% from 48% of those who are very or extremely concerned about it. Nearly half of the IT professionals surveyed know someone who has experienced a ransomware attack and it worries them more now with 88% expecting ransomware to increase for the remainder of the year compared to 66% at the start of this year
Cybersecurity Spending Reflects Limited Shift in Priority (Wall Street Journal) Security continues to take dollars from other IT spending categories, but it shouldn't slight strategic initiatives meant to support revenue growth
The "internet of things" may not always need an internet connection (Quartz) The "internet of things" is one of those odd phrases that can mean many things and nothing at the same time. On one hand, it describes a future that is rapidly becoming the present, with all sorts of objects—from televisions and watches to cups and streetlights—able to connect to the internet. On the other hand, it is used as a marketing tactic by chip-makers and networking companies eager to sell their wares. Between 26 and 50 million "things" will be connected to the internet by 2020, according to various forecasts
Marketplace
10 security start-ups to watch (NetworkWorld) Squeezing more out of log management and SIEM; beating botnets; detecting stealthy attacks
Palo Alto: Morgan Stanley Ups Target to $105 on Product Cycle, Sales Ramp (Barron's) Shares of networking security vendor Palo Alto Networks (PANW) are higher by $4.21, or over 5%, at $85.42, after Morgan Stanley's Keith Weiss this morning reiterated an Overweight rating on the stock, and raised his price target to $105 from $90, writing that a combination of multiple new products and slower growth in its costs could boost free cash flow 45% next year
Corero DDoS Defense System Wins Two Hot Companies and Best Products Awards from Network Products Guide (Wall Street Journal) Corero Network Security (LSE: CNS), a leading provider of First Line of Defense® security solutions, today announced that its DDoS Defense System was selected for two of Network Products Guide's 2014 Hot Companies and Best Products Awards. The solution won silver in the "IT Products and Services for Enterprise (Medium)" and "IT Products and Services for Finance, Banking and Insurance" categories. These industry and peer recognitions from Network Products Guide honor the achievements of organizations across the IT industry
Tenable Network Security Named a Top Workplace by The Washington Post (MarketWatch) Tenable Network Security®, Inc., the leader in continuous network monitoring, has been selected as one of The Washington Post Top Workplaces based on ratings by its employees. Tenable also received The Washington Post's special award for leadership for a midsized company. The Post reached out to thousands of employees from 244 businesses to help analyze how the area's top organizations are shaping the future of the workplace
Encryptics Names John D. Cohen Chief Strategy Advisor (Digital Journal) Encryptics, a provider of patented data privacy and protection services for businesses and government entities, has named John D. Cohen as the company's Chief Strategy Advisor. In this role, Cohen will be responsible for continuing to position its data encryption technology at the forefront of the cybersecurity landscape for private and public companies, governments, and public safety entities
Products, Services, and Solutions
Bugcrowd adds 'flex' pricing model to bug-bounty programs (NetworkWorld) Idea is to get security researchers to vie to find unknown vulnerabilities in software
Q2 Partners with Easy Solutions to Expand Secure Virtual Banking Offerings (Wall Street Journal) Easy Solutions®, the Total Fraud Protection® company, and Q2 (NYSE: QTWO), a leading provider of secure virtual banking solutions for regional and community financial institutions, today announced a partnership to provide omni-channel fraud prevention solutions to Q2's roster of more than 340 financial institutions. Easy Solutions' award-winning platform is designed to protect organizations against the most sophisticated forms of electronic fraud
Aorato Joins Forces with Microsoft to Protect Customers (MarketWatch) For the first time, Aorato will receive advanced information from Microsoft about their monthly security bulletins to anticipate emerging threats and provide mutual customers with more timely protections
Windows XP users don't care about security updates — market share stable (myce) The amount of Windows XP systems has remained stable in June, according to market researcher Net Applications. The company reports the exact same market share of XP in June as in May this year. According to the company the amount of Windows XP systems makes up 25.3% of the market
GIAC Announces the GIAC Critical Controls Certification (Digital Journal) A unique cybersecurity certification based on the Twenty Critical Security Controls
FireEye Combines Advanced Threat Protection With Traditional Email Security to Deliver Comprehensive Email Threat Prevention Cloud (Wall Street Journal) FireEye, Inc. (NASDAQ: FEYE), the leader in stopping today's advanced cyber attacks, today announced the new release of FireEye® Email Threat Prevention Cloud™ that adds the traditional email security features of anti-spam and anti-virus protection to its advanced threat detection capabilities. Now generally available, the latest update to FireEye Email Threat Prevention Cloud creates the only secure email gateway solution that utilizes the FireEye Multi-vector Virtual Execution(TM) (MVX) engine and FireEye Dynamic Threat Intelligence(TM) (DTI) cloud
IEEE launches Anti-Malware Support Service (Help Net Security) IEEE announced the launch of IEEE Anti-Malware Support Service (AMSS). A new service from IEEE Standards Association's (IEEE-SA) Industry Connections Security Group (ICSG), AMSS is designed to increase the availability of and access to stronger cryptographic and metadata cybersecurity tools and resources, as well as to unite key computer security stakeholders in the development of new ones
Virus Bulletin celebrates 25 years by giving away its content for free (Graham Cluley) Congratulations to Virus Bulletin, the journal of the anti-virus industry, which is celebrating its 25th birthday today
Lunarline's School of Cyber Security Offers NEW Malware Analysis Course (MarketWatch) We at Lunarline are thrilled to announce that the Lunarline School of Cyber Security (SCS) is now offering a new Malware Analysis Course. This 4-day hands-on course provides students with insight into advanced static analysis methodologies, techniques for researching active malware, and real-life examples of malware capabilities and characteristics
MegaCryption 6.4.1 Excels With Additions to Utilities, Algorithms, Key Management, and PGP Encryption Options (Digital Journal) Advanced Software Products Group (ASPG) has announced the latest release of MegaCryption, its robust encryption solution for z/OS, UNIX, LINUX, and Windows platforms. MegaCryption 6.4.1 developments include increased key storage and creation options, accelerated speed for OpenPGP decryption, enhancements to ISPF, as well as additional JCL procedures. With these enhancements, data centers are presented with an array of dynamic features to increase encryption/decryption speed, key management options, and accessibility of cryptographic approaches
Serco launches mitigation training for cyber attacks (ITProPortal) Business services firm Serco has launched a new cyber-attack mitigation training programme, aimed at helping both public and private sector organisations test their security
Identity and Access Management's Role in Secure Cloud Collaboration (eSecurity Planet) As enterprises demand more secure cloud-based externalization, companies like Exostar are answering the call with IAM solutions
Safe harbour for privileged accounts (ITWeb) CyberArk provides expert solutions for protection against cyber attacks
Technologies, Techniques, and Standards
Ideas for defending against cyberespionage (CSO) Experts weigh in on how companies can fend off cyberespionage attacks like those used by a recently discovered group of Russian hackers
10 Steps for Protecting Executives from Risks Using Cyber Threat Intelligence (Cyveillance Blog) As the lines between digital and physical threats progressively blur, forward-thinking executive protection professionals are increasingly recognizing the value of using digital threat intelligence to identify, analyze, and manage threat information. So, what can security professionals do to better defend the executives and employees they're entrusted to protect? Here are 10 steps
7 Free Cybersecurity Planning Resources for SMEs (Security Magazine) Cybersecurity is now a primary concern of senior executives within both the Fortune 500 and, perhaps more importantly, the "SME 28"
Research and Development
Don't Worry, Facebook Still Has No Clue How You Feel (Wired) The claim is as bold as it is creepy: "Emotional states can be transferred to others via emotional contagion, leading people to experience the same emotions without their awareness"
Ovum: Facebook big data experiment may have tragic consequences for mentally ill users (FierceBigData) I get doing research on Facebook to understand more about customers in particular and humanity in general. I also get using marketing techniques such as A/B and multivariate testing on Facebook to improve user response to ads. But manipulating the Facebook news stream to deliberately over-expose users to positive or negative posts in order to evaluate the effects on their emotional responses is definitely taking things too far. Facebook wants our data in turn for the free service—a market exchange—but no one signed up to be their lab rats for any experimentation Facebook can cook up
UK Data Protection Watchdog Probes Legality Of Facebook’s Emotion Study (TechCrunch) Facebook's attempt to learn whether the type of content users of its service are exposed to affects their mood or not has landed it into plentiful hot water this week, generating much debate on the ethics of user manipulation
Academia
Cyber competition enriches UCA campus (Log Cabin Democrat) Homeland Security official, Robin "Montana" Williams visited UCA last week to instruct and empower students in a week-long robotic competition
Legislation, Policy, and Regulation
New Saudi spy chief confronts 'Islamic State' (Al Monitor) With the al-Qaeda spin-off Islamic State of Iraq and al-Sham (ISIS) now virtually on its northern border, Saudi King Abdullah bin Abdulaziz has appointed a new spy master and a new special envoy for the kingdom. The appointments also strengthen the king's hand in the succession process
Russia Moves To Ban Online Services That Don't Store Personal Data In Russia (TechCrunch) The Russian government has moved one step closer towards a "China-like" approach towards Internet services
Government should consult more widely on cyber security, says NSSC (ComputerWeekly) Cyber security is a key element of the national security strategy and government should consult more external experts, says Margaret Beckett MP, chair of the National Security Strategy Committee (NSSC)
Senators Call On Obama For More Transparency In The Intelligence Community (TechCrunch) Two senators who scolded the intelligence community for failing to provide a sufficient transparency report are taking their complaints to the White House
Give DISA an operational mission to operate and defend the DoDIN, says cyber chief (Federal Times) U.S. Cyber Command and the Defense Information Systems Agency are working collaboratively to develop a construct under which the agency will operate and defend the Department of Defense Information Network (DoDIN), and will be ready to unveil that construct in the fall, said ADM Mike Rogers, USCYBERCOM commander and director of the National Security Agency
Litigation, Investigation, and Law Enforcement
NSA's Internet Monitoring Said to Be Legal (AP via ABC News) The first time the bipartisan Privacy and Civil Liberties Oversight Board dissected a National Security Agency surveillance program, it found fundamental flaws, arguing in a January report that the NSA's collection of domestic calling records "lacked a viable legal foundation" and should be shut down
ISPs take legal action against GCHQ (BBC) Seven internet service providers have filed a legal complaint against the UK's intelligence agency GCHQ
EFF sues the NSA to disclose use of software security flaws (PCWorld) The Electronic Frontier Foundation, a prominent digital privacy rights group, has filed a lawsuit against the U.S. National Security Agency to get it to specify the extent to which it might exploit software security flaws
Are More Snowden Leaks on the Way? (Vocativ) New York-based site Cryptome says it will publish the remaining NSA documents that Edward Snowden swiped
Crypto-email Service ProtonMail Back After PayPal Unblocks Account (Infosecurity Magazine) Payments giant says account freeze was a mistake
PayPal freezes out ProtonMail, asks if startup has 'government permission' to encrypt email (ZDNet) Secure email startup ProtonMail is facing questions over its legality after PayPal froze its account -- as well as over $285,000 in crowdfunding donations
Takedown of No-IP by Microsoft impacts 1.8M customers (CSO Salted Hash) Microsoft's actions have had far-reaching repercussions, including service disruptions in the medical space
Microsoft under fire over disruptive anti-crime operation (Computerweekly) Microsoft has come under fire after an operation aimed at taking down a criminal botnet disrupted traffic to millions of legitimate servers
Security World To Microsoft: Stop Trying To Police The Internet (Forbes) Crazy. Outrageous. Unbelievable. These are a few of the many vitriolic words being levelled at Microsoft today, which is taking a kicking from the security community over the dismantling of a cybercriminal campaign said to have infected millions
Latest Microsoft Malware Takedown Causes Waves in Security Community (Threatpost) Microsoft's latest takedown of a malware operation, announced Monday and involving the infrastructure of several malware families, has, like many of the company’s actions, elicited strong opinions on both sides of the issue from security researchers, activists and others with a stake in the game. This takedown didn't involve simply hitting the C2 infrastructure of a botnet, but also includes legal action against a hosting company, No-IP.com, which has called out Microsoft for its tactics and raised a lot of questions in the security community, as well
Melbourne-based bitcoin fund lost $70,000 in a cyber-attack caused by US Marshals Service (startup smart) A mistake by the US Marshals Service has led to Melbourne-based bitcoin arbitrage fund Bitcoins Reserve losing 100 bitcoins, valued at around $70,000, in a cyber-attack, according to co-founder Sam Lee
To Whom It May Concern (Blackout Austria) June 30th, 2014 marks a turning point for Austria. Not only was the Vorratsdatenspeicherung (data retention) terminated preliminarily for good (no, really), the operation of TOR exit nodes supposedly was also declared a criminal offense by a regional criminal court. The accused was operating a TOR exit node which was being used fraudulently by a third party to transmit content of an illegal nature
17-Year-Old Charged with Computer Misuse in Spamhaus Attack (CBR) Charges follow international police investigation into attack that slowed down the Internet
Many fraud victims clueless about data compromise source (FierceITSecurity) Nearly half of identity fraud victims do not know where their information was compromised, according to a survey of residents in four U.S. cities by Javelin Strategy & Research on behalf of the National Consumers League (NCL)
Andy Coulson 'has become lightning conductor for phone-hacking scandal' (The Guardian) Lawyer for David Cameron's former spin chief says he will pay 'higher price' in sentencing due to political and media pressures
Dark Net gun seller 'Dr. Evil' jailed in the U.K. (Daily Dot) A Senior Aircraftsman in Britain's Royal Air Force has been sentenced to six years in jail for selling guns on Deep Web site Black Market Reloaded