The CyberWire Daily Briefing 07.23.14

Cyber Trends

The Stark Realities of Today's Cyber Security Landscape (IBM Security Intelligence) A recent report from IBM titled "2014 Cyber Security Intelligence Index" provides an up-to-date, high-level overview of the major threats facing organizations today and the trends being seen in the evolution of the threat landscape. With data gathered through the monitoring of clients' technology platforms worldwide and analysis of the security intelligence gleaned, it describes the types of attacks being seen and their impact on organizations

RSA's security utopia requires China, US to be friends (ZDNet) Countries must set aside their differences and work together to create new norms of behavior in an interconnected digital world, or risk having the current digital chaos "bleed" into the physical world, warns RSA chairman Art Coviello

Bromium Labs Research Brief: Endpoint Exploitation Trends H1 2014 (Bromium) The only constant in cyber security is change. Cyber-attacks come in cycles. Hackers always attack the weakest link in the chain and adjust their targets frequently. As a result of high profile attacks and the increasing spotlight on cyber-security, vendors are improving their software development practices, but in reality all software is vulnerable to attack. In the ever-shifting cyber-landscape the attackers' choice of targets is driven by the ease with which a particular product can be attacked, its importance to the intended targets of the attacker and how prevalent the software is in the market

Modern electric grid fighting cyber vulnerabilities (Pittsburgh Post-Gazette) The recent push to modernize the electric grid has increased communication between utilities and consumers, enhanced reliability and created more opportunities for green energy producers

Breaches driving organizational security strategy, survey indicates (SC Magazine) Nearly 70 percent of respondents said NSA leaks and POS breaches are impacting business security strategies

'Smart Phones More Vulnerable To Cyber Attacks' (New Indian Express) Smart phones and tablets are slowly replacing laptops and desktops, but they seem to be more vulnerable to cyber attacks, Richard H L Marshall, former director of Global Cyber Security Management, Department of Homeland Security, USA, said

9/11 Commission report authors warn nation of cyberattack threats (Washington Post) The authors of the 9/11 Commission report say that a decade after completing their seminal look at the rise of al-Qaeda, the threat of terrorism has not waned and the country can ill afford to let its guard down again

Preparing for cyber warfare (Milwaukee Journal-Sentinel) Recently, emboldened Russian hackers breached the systems of power plants across the United States and Western Europe. In June, Chinese hackers attempted to gain access to several U.S. power plant operation control systems. And in May, the Department of Homeland Security announced hackers had actually gained control of a mechanical device at an unnamed U.S. energy facility

Cyberspionage in der Praxis (ComputerWoche) Digitale Wirtschaftsspionage kostet die deutsche Wirtschaft im Jahr mindestens 50 Milliarden Euro. Was können Unternehmen tun, um sich besser zu schützen?

Legislation, Policy and Regulation

White House, Germany try to rebuild trust (The Hill) White House chief of staff Denis McDonough and counterterrorism czar Lisa Monaco held intensive talks with their German counterparts Tuesday in Berlin, as the White House scrambled to ease tensions with Germany

DHS 'dos and don'ts' on cybersecurity (The Hill) Is a cyber-attack on America?s electric grid imminent? Or will hackers sabotage a major chemical plant this year? Answers to these questions may surprise you because they're slightly counterintuitive

Head of DHS cyber hub stepping down (FCW) Larry Zelvin will step down in mid-August as head of the Department of Homeland Security's hub for monitoring and responding to cyber threats, a DHS spokesman told FCW

Products, Services, and Solutions

RSA® Web Threat Detection Adds Enhanced Visibility & Analytics; Takes on Mobile Fraud (Wall Street Journal) RSA, The Security Division of EMC (NYSE: EMC), today announced the latest version of RSA Web Threat Detection designed to provide enterprises with end-to-end visibility into web sessions to help mitigate risks associated with consumer-facing websites including cybercrime activity and business logic abuse

Microsoft account Android app simplifies using two-factor authentication (BetaNews) While two-factor authentication acts as an effective security barrier against malicious attacks, it also makes the login process more cumbersome for legitimate users by requiring them to type in security codes, on top of usernames and passwords. Luckily, there are dedicated apps that can make things easy

Understanding the Protection from Microsoft Security Essentials (Streetwise Tech) Despite Microsoft Security Essentials' success and whopping download rates, some people are still raising their eyebrows as to the kind of protection that it offers. After all, everything usually comes with a price nowadays. Microsoft Security Essentials has come into question because it is totally free! No credit card number needed, no registration, no nothing — as long as your system passes the Genuine Windows Validation you are totally A-ok

WidePoint and SPYRUS Enable Higher Assurance Security for Microsoft Windows To Go® (Wall Street Journal) WidePoint Corporation (NYSE Mkt: WYY), a leading provider of Managed Mobility Services (MMS) featuring Cybersecurity and Telecommunications Lifecycle Management (TLM) solutions, announced today its collaboration with SPYRUS, Inc., to issue WidePoint Certificate-on-Device for the SPYRUS WorkSafe and WorkSafe Pro USB 3.0 drives with Windows To Go 8.1 certification, enabling higher assurance security and functionality for mobile workers. The WorkSafe Pro is the only USB 3.0 certified Windows to Go 8.1 drive with XTS-AES 256 hardware encryption and internal FIPS 140-2 Level 3 validated PKI

Virtru launches business email encryption service for Google Apps (InfoWorld) The service, which allows for fine administrator control of messaging, is free to try through later this year

Nextgov Powers its Cybersecurity App with Cyber Risk Intelligence from SurfWatch Labs (Digital Journal) SurfWatch Labs, a provider of cyber risk intelligence solutions, announced that its security analytics content is being used to power the Nextgov Cybersecurity app, available in the iTunes store

Varonis DatAnywhere Enables ATMI Employees to Share Large Files While Data Remains Protected on Site (CNN Money) Varonis Systems, Inc. (NASDAQ: VRNS), the leading provider of software solutions for unstructured, human-generated enterprise data, today announced it has enabled the employees of ATMI to use cloud-style file sharing remotely and securely using any device with customers, vendors and each other — turning their existing file shares into a private cloud — through the adoption of Varonis DatAnywhere

Privacy Badger Extension Blocks Tracking Through Social Icons (Threatpost) Online tracking has been a thorny problem for years, and as Web security companies, browser vendors and users have become more aware of the problem and smarter about how to defend themselves, ad companies and trackers have responded in kind. The advent of social networks has made it far easier for tracking companies to monitor user behavior across the Web, and in an effort to counter some of that effect, the EFF has released a beta version of its Privacy Badger browser extension, which blocks a large chunk of that tracking

Everything You Ever Wanted To Know About Apple's OS X Yosemite Beta Preview (TechCrunch) Apple has a new version of OS X coming to Macs this fall, and for the first time ever, it's giving up to 1 million members of the public the opportunity to test it out in advance — for free, and without requiring they register as a developer, starting this Thursday. The purpose of the advance feedback is to gather feedback and help test the release before its wider launch, and by opening it up to the public, Apple can likely get more input about how consumer-facing features are working than they would with a pool limited strictly to developers

Technologies, Techniques, and Standards

Embrace and Secure Shadow IT (McAfee Blog Central) "Shadow IT" is stepping out into the light of day. Business users are eagerly embracing the cloud and especially Software-as-a-Service (SaaS) in search of cost-effective productivity tools for file sharing and storage, collaboration, social media, and anything else that makes them more effective on the job. But the problem is these well-intentioned, hardworking employees are putting their organizations at risk by accessing unapproved applications that could lead to malware, data loss, or other vulnerabilities

Data breach epidemic shines spotlight on shared secrets (GCN) Recent history has not been kind to businesses and consumers when it comes to Internet security. From LinkedIn to Adobe to eBay, we continue to hear the same story: X number of passwords/records leaked via company Y data breach. According to Tripwire, the Adobe breach alone compromised over 234,000 accounts of military and government users. While few can argue the extent of the problem, what do all of the data breaches really mean to password security, and what can agencies do about it?

CTO Corner: Educating the Masses (Bit9) It happened again this weekend. My nephew called me to tell me his computer was infected. Again

Passwords are key when firing employees (ZDNet) Many companies don't do all they should to secure the company from a potentially hostile former employee. Without the right tools it can be hard

Spectacles of Insecurity: Top 10 Greatest White-Hat Hacks (Bloomberg) Hats off to the white hats. These hackers, who break into computer networks and digital devices to find holes before the bad guys do, have led to some of the most significant advances in securing the online world. Their findings have reshaped the way e-mail accounts, credit card numbers, and even ATMs and medical devices are protected from cyber-criminals

Security standards to defend against cyber attack (Energy Global) In a recent report, Honeywell accentuates the importance that security culture is on a par with safety culture in order to protect against cyber attack

Why Your Data Needs An 'Expiration Date' to Stay Safe (Industry Perspective) (Government Technology) It is crucial in today's security climate to begin classifying data and networks in a new way, based not just on levels of sensitivity but on shelf life and the realities of our evolving computing landscape

New Feature: "Live" SSH Brute Force Logs and New Kippo Client (Internet Storm Center) We are announcing a new feature we have been working on for a while, that will display live statistics on passwords used by SSH brute forcing bots. In addition, we also updated our script that will allow you to contribute data to this effort. Right now, we are supporting the kippo honeypot to collect data. This script will submit usernames, passwords and the IP address of the attacker to our system

How Microsoft Handles BYOD (eSecurity Planet) While BYOD still worries infosec pros, vendors like Microsoft are easing concerns by offering authentication and management capabilities

Marketplace

Cyber Insurance: With Attacks on the Rise, Many are Sizing up the Cost of Protection (Fort Myers Florida Weekly) On the day before Thanksgiving, Professor Sandra Kauanui's son — the tech-savvy owner of four Wasabi Sushi restaurants located in California, Texas, the District of Columbia and Florida — suffered a cyber attack from criminals who secured the personal data of customers

Threat of Data Breaches Creates Lucrative Opportunities in Cybersecurity (Entrepreneur) Cybersecurity is a hot industry. The need to protect our digital infrastructure and sensitive data is at an all-time high

Teradata Acquires Hadapt, Revelytix For Big Data Boost (InformationWeek) Teradata adds data-prep, data-management, and data-analysis capabilities by buying two notable independents in the big data arena

Sookasa Recognized by CRN as a 2014 Emerging Vendor (MarketWatch) List highlights hottest tech startups impacting the IT channel, technology industry

Vectra Networks Recognized by CRN As A 2014 Emerging Vendor (Newswire Today) Vectra Networks, the leading innovator in real-time detection of in-progress cyber-attacks, today announced it has been recognized as one of 2014's hottest emerging technology vendors by CRN, the top news source for solution providers and the IT channel. The annual Emerging Vendors list identifies up-and-coming technology vendors that have introduced innovative new products creating opportunities for channel partners in North America to create high-value, cutting-edge solutions for their customers

Second Cyber Command Defense Contractor To Open Location In Richmond County (WJBF News Channel) A second defense contractor has announced plans to locate in Augusta-Richmond County in support of the U.S. Army Cyber Command which will be headquartered at Fort Gordon…The Augusta Economic Development Authority announced today another outstanding defense contractor is locating in Augusta-Richmond County. Sabre Systems, Inc. (Sabre), a provider of integrated technology solutions to United States defense and civilian agencies, commercial and international clients, will open a new office in Augusta this summer

Cybersecurity firm SixGen joins Odenton incubator (Technical.ly Baltimore) SixGen provides open-source solutions to businesses and government. "Proprietary technology struggles to keep up with the industry needs," said cofounder and CEO Ethan Dietrich

Top U.S. Cyber Experts Join Darktrace to Protect Private Sector with Enterprise Immune System (Digital Journal) Darktrace, one of the world's fastest-growing cyber security companies, today announces the appointment of two senior officials from the U.S. intelligence community, complementing the mathematicians and machine learning specialists and U.K. intelligence officials who founded Darktrace in 2013

Verdasys Adds Three to Senior Leadership Team (MarketWatch) Verdasys, the leading provider of advanced data protection for endpoints for Global 2000 and mid-sized companies, has added three senior executives to its leadership team: Doug Bailey, chief strategy officer; Salo Fajer, chief technology officer; and David McKeough, executive vice president, global field operations. After strong momentum in the first half of 2014 , the company continues to position for more growth in the rapidly expanding security market

Security Patches, Mitigations, and Software Updates

Tor developers vow to fix bug that can uncloak users (Ars Technica) Weakness was topic of talk abruptly pulled from security conference

Researchers Plan to Disclose Critical Bugs to TAILS Team Soon (Threatpost) The developers of the TAILS operating system are poised to release a new version of the software — which is designed to preserve privacy and anonymity — and it includes several security fixes. However, there are several other security issues that aren't patched in the new release, vulnerabilities identified by researchers at Exodus Intelligence, who have not disclosed the bugs to the TAILS developers yet

Security Tightened in SQL Server Data Tools Update (Visual Studio) Database schema comparisons, security among incremental updates made to this July 2014 release of SSDT

Firefox 31 has arrived — 11 bulletins, 3 critical, 0 visual surprises (Naked Security) Firefox 31 is out. So is its updated conservative older brother, the Extended Support Release, now at 24.7

Cyber Attacks, Threats, and Vulnerabilities

US: Russia 'Created the Conditions' for Shoot-Down (AP) Senior U.S. intelligence officials said Tuesday that Russia was responsible for "creating the conditions" that led to the shooting down of Malaysia Airlines Flight 17, but they offered no evidence of direct Russian government involvement

UK at risk of cyber-warfare if Russia is pushed too far (London Economic) The threat of a real war with Russia still hangs in the air, but one academic believes a cyber-attack is a more likely scenario. A silent, but digitally destructive scenario, which could cause chaos across the globe, adversely affecting the UK

'Real Footage of Malaysian Flight MH 17 Shot Down' Facebook Spam Spreads Malware (Hacker News) A distasteful trend among the cyber crooks have began these days that they left no occasion, either good or bad, to snatch users' financial information in order to make money as well as spread malware to victimize users

Slava Ukraini: Dyre Returns (InformationSecurityBuzz) It has been a few weeks since the original discovery of the Dyre malware, and the attackers have sent another wave of phishing, reports PhishMe. This time, the phishing campaign only went to one senior level individual within the enterprise

Hackers raise fee of Android Simplocker ransomware and teach it English (V3) Hackers have expanded the infamous Android Simplocker ransomware campaign to target English-speaking Android users and have raised the ransom demand

Repeated Shutdown Initiatives mayn't still have Fully Terminated CryptoLocker — BitDefender (Spamfighter) BitDefender the security company recently published a report stating that although CryptoLocker the ransomware that notoriously locks users' files hasn't been attacking from June 2014 when it was last taken down, yet the delivery network through which it spreads could be present and running

More cyber criminals are blackmailing victims with explicit photos (Inquirer) Cyber criminals are increasingly turning to "sextortion" attacks in which they blackmail victims with the threat of exposing explicit photographs or messages, security experts have warned

The new plague: Computer viruses that extort you (CNN Money) Ransomware, a particularly annoying breed of computer virus, is spreading like the plague. This malware locks you out of your computer files until you pay up — and it is proving incredibly difficult to exterminate

Cybercrime wave whacks European banks (NetworkWorld) Assisting law enforcement, Trend Micro says 34 banks targeted in Operation Emmental

Hackers abuse Bitly API in novel attack, reports Websense (ComputerWeekly) A cyber attack targeting TV channel MSNBC highlights cybercriminals' abuse of the public's trust in news outlets and websites, says Websense Security Labs

Trio of Flaws Found in OleumTech Wireless Monitoring System (Threatpost) Researchers have identified several remotely exploitable vulnerabilities in a wireless remote monitoring product from OleumTech that is used in energy, water and other critical infrastructure sectors. Two of the three flaws are related to the encryption implementation in the affected products, including the use of a weak random number generator

Hacker claims breach of Wall Street Journal and Vice websites, punts 'user data' for sale (The Register) Also supposedly hit a gadgets site called 'CNET'

SQL injection flaw in Wall Street Journal database led to breach (IDG via CSO) A vulnerability in a web-based graphics system led to a breach of The Wall Street Journal's network by a hacker, the newspaper acknowledged late Tuesday

Some WSJ computer systems taken offline after cyber attack: Dow Jones (Reuters via the Chicago Tribune) Computer systems containing the Wall Street Journal's news graphics were hacked by outside parties, according to the paper's publisher Dow Jones & Co

iSpy? Researcher exposes backdoor in iPhones and iPads (Naked Security) How much of your personal data on your iPhone or iPad would you be willing to bet law enforcement or a hacker can grab from your device, even if you've encrypted it?

Apple denies iOS 'backdoor' claims, says it's not working with the NSA (Inquirer) A security expert has bravely revealed that Apple has purposefully included backdoors in its iOS mobile operating system that could be exploited by law enforcement and intelligence agencies such as the US National Security Agency (NSA)

Did the White House Website Violate Its Own Privacy Rules? (National Journal via Nextgov) The White House may have misled people who visited its website about how it tracked their online behavior. In a forthcoming paper, a group of researchers write that thousands of top websites, including WhiteHouse.gov,have been using a new, persistent type of online tracking. Justin Brookman, the director of consumer privacy at the Center for Democracy and Technology, said the tracking was "probably inconsistent" with the White House's own website privacy policy

WordPress brute force attack (Internet Storm Center) Now that the XMLRPC "pingback" DDoS problem in WordPress is increasingly under control, the crooks now seem to try brute force password guessing attacks via the "wp.getUsersBlogs" method of xmlrpc.php. ISC reader Robert sent in some logs that show a massive distributed (> 3000 source IPs) attempt at guessing passwords on his Wordpress installation

Alleged Stormbot Source Code Advertised for Sale on YouTube (Softpedia) A video advertising the selling of the source code for the Stormbot malware and providing a list of features for the threat was posted on YouTube on July 20

How Thieves Can Hack and Disable Your Home Alarm System (Wired) When it comes to the security of the Internet of Things, a lot of the attention has focused on the dangers of the connected toaster, fridge and thermostat. But a more insidious security threat lies with devices that aren't even on the internet: wireless home alarms

A possible breach at Goodwill is bad, but nothing special (CSO) Goodwill isn't a snowflake, they're a victim

How Nigerian cyber criminals have evolved (Help Net Security) Cyber criminals in Nigeria have evolved common malware campaigns to infiltrate businesses that have not previously been their primary targets, according to Palo Alto Networks

Point-of-Sale Dealers Need a Security Sit-Down (Threatpost) The travails of small retail and hospitality businesses struggling with hackers have been documented for years in the annual Verizon Data Breach Investigations Report. Mom-and-pop businesses, small restaurants and regional hotel chains are perfect targets of opportunity for attackers adept at scanning for and exploiting vulnerabilities in point-of-sale systems

7 Black Hat Sessions Sure To Cause A Stir (Dark Reading) At Black Hat, researchers will point out the weaknesses in everything from the satellites in outer space to the thermostat in your home

Academia

iovation Provides Eight Digital Safety Tips for College-Bound Kids (Digital Journal) iovation, the trusted source for mobile and online fraud prevention to safeguard businesses, is providing eight digital safety tips for college-bound kids as part of its dedication to making the Internet a safer place for everyone. In this 24/7 digital world, sending a son or daughter off to college can be a daunting task. Of course, parents want to do everything possible to prepare their children for a successful transition. Previous generations didn't need to have "the digital talk" but in a world where what goes online stays online, it's essential

Litigation, Investigation, and Enforcement

New Surveillance Whistleblower: The NSA Violates the Constitution (The Atlantic) A former Obama administration official calls attention to unaccountable mass surveillance conducted under a 1981 executive order

6 questions about the IRS?s missing emails, from IT experts (Washington Post) Did the IRS intentionally lose e-mails to cover up potentially incriminating communications relating to the agency's targeting controversy, or did the records go missing because of bad technology management?

Canadian resident charged in U.S. for directing Chinese spy ring (Globe and Mail) A Chinese man accused of being the "directing mind" behind a corporate-espionage conspiracy to steal jet-fighter secrets from Pentagon contractors is a Canadian immigrant who is being stripped of his residency status

MPs to sue UK.gov over 'ridiculous' EMERGENCY data snooping law (The Register) DRIP Act was rubber-stamped in THREE days

Russian 'digital bomb' may have been trying to copy Nasdaq, not destroy it (FierceFinanceIT) Back in 2010, a piece of malware that investigators characterized as a digital weapon was discovered in Nasdaq. The malware was detected by both Nasdaq and the FBI before it detonated, but a new detailed investigative article by Bloomberg Businessweek sheds light on the multiagency investigation into the sophisticated hack and the motives behind it

Turkish police accused of spying on prime minister are arrested (Guardian) Erdoğan claims corruption allegations investigated by the officers were part of coup attempt by Gülen movement

Finjan Holdings Provides Litigation Update — Blue Coat Markman Hearing Set For August 22, 2014 (MarketWatch) Finjan Holdings, Inc. FNJN -4.13%, a technology company committed to enabling innovation through the licensing of its intellectual property, today announced an update on its lawsuit against Blue Coat Systems Inc. (Blue Coat)

500,000-per-day SMS spammer gets just £4,000 fine (Naked Security) An Indian call-centre operator has been fined by a London court for breaching Data Protection laws, but despite his operation bombarding UK cell phones with spams, his punishment amounts to little more than a slap on the wrist

Design and Innovation

Car hackers build anti-car-hacking gadget (Naked Security) Car hackers have been busy over the past few years

This Temporary Tattoo Can Unlock Your Phone (TechCrunch) I'd think this was just a clever April Fools' joke, if it weren't the middle of July

Edward Snowden to work with Russia on anti-spy technology (Washington Times) Former National Security Agency contractor Edward Snowden announced plans to work with Russia, where he's now residing, to develop anti-surveillance technology aimed at shuttering government spy operations around the globe