Cyber Attacks, Threats, and Vulnerabilities
Syrian Malware Team found spewing 'Dark Edition' BlackWorm RAT (V3) A hacker group believed to have links to the notorious Syrian Electronic Army (SEA) is mounting a wave of cyber attacks using the BlackWorm remote access trojan (RAT)
Trailing the Trojan njRAT (McAfee Blog Central) One Trojan that just won't go away is the remote access tool njRAT. Microsoft recently took down a leading domain associated with the malware, but that action did not come off as smoothly as the company hoped. We closely track this remote access tool (RAT) and see a rise in its popularity every year
Found: The Islamic State's Terror Laptop of Doom (Foreign Policy) Buried in a Dell computer captured in Syria are lessons for making bubonic plague bombs and missives on using weapons of mass destruction
Persian paranoia: America's fear of Iranian cyber power (Guardian) Months of research into Iranian networks uncovered at least 16,000 systems controlled by Iran outside of its borders
Anonymous to attack Pakistani Govt against police brutality, vows to expose Shareef's regime (HackRead) The online hacktivist Anonymous has announced it will conduct a massive cyber attack on Pakistani government servers against yesterday's police brutality on unarmed protesters demanding Prime Minister Nawaz Shareef's resignation in Islamabad, Pakistan
JPMorgan breach likely impacts UCard users — again (CSO) Bank issues warning to state agencies in Louisiana, others likely to follow
JPMorgan attackers altered bank records (Help Net Security) The number of US banks that have apparently been targeted and breached by hackers is slowly rising, as newer reports say that seven financial organizations have been hit
Experts warn banks of more cyber attacks (Financial Times) The latest wave of cyber attacks against US banks highlights the persistent threat facing the global financial sector, as the number of so-called financial Trojans targeting banks more than tripled last year
JPMorgan and other US banks get hacked. Why is Russia getting the blame? (Graham Cluley) The big security news is that a number of US Banks, including JPMorgan Chase, have been hit by hackers who launched a "coordinated attack" on their computer systems this month
A Cyber Attack in Wall Street: Is It Really the Russians Who Did It? (Food World News) Suspected Russian hackers launched a cyber attack on Wall Street firms such as JP Morgan Chase this month. The Federal Bureau of Investigation (FBI) is leading the investigation while other federal agencies like the National Security Agency (NSA) are reportedly helping in the case
Cyber attack 'could wreak as much havoc as 9/11 attacks' (Independent) Bankers and US officials have warned that cyber-terrorists will try to wreck the financial system's computer networks. Authorities in the US have launched an investigation following a so-called cyber attack on a number of institutions including against JP Morgan Chase, the banking giant
Namecheap says accounts compromised in hacking incident (IDG via CSO) Hosting provider Namecheap said Monday hackers compromised some of its users' accounts, likely using a recently disclosed list of 1.2 billion usernames and passwords compiled by Russian hackers
Here's What We Know So Far About The Celebrity Photo Hack (TechCrunch) As you will by now have probably read, around 100 women celebrities (including Jennifer Lawrence, Ariana Grande, Victoria Justice and Kate Upton) have had naked and explicit pictures seemingly hacked from their iCloud accounts and published online, first on 4Chan and now all over the place
What Jennifer Lawrence can teach you about cloud security (Ars Technica) Posting of celeb pics exposes the weakest links in cloud services, smartphones
Nude photo leak a chance for channel to talk cloud security (MicroScope) The revelations that a hack has led to a flood of naked celebrity pictures hitting the internet is a timely reminder that the channel must promote security to users considering placing sensitive and personal data in the cloud
Please Stop Saying 'Celebs Shouldn't Have Taken Nude Photos In The First Place' (Forbes) It has happened before and it will happen again: a bunch of female entertainers or their partners have their private photos hacked and the sexual ones leaked online
Apple Isn't Responsible for Your Nude Selfies (Bloomberg View) What do you do if you're a celebrity and nude pictures you happened to store in the cloud are suddenly all over the Internet? We've seen the full spectrum of possible reactions, only one of which makes sense
Website of Industrial Software Firm Abused for Reconnaissance Mission (SecurityWeek) Cybercriminals compromised the website of an industrial company to conduct a watering hole attack with the goal to collect information on the site's visitors
IPv6 insecurities on "IPv4-only" networks (SWITCH Security Blog) When people hear about IPv6-specific security issues, they frequently tend to rate this as an argument in favour of delaying or avoiding IPv6 deployment on their enterprise or campus network
Professor says Google search, not hacking, yielded medical info (SC Magazine) Sam Bowne wrote on Thursday that he performed a Google search and connected to an open FTP server full of medical information
BKAV says viruses cannot destroy a computer's hard drive (VietnamNet) Recently, many computer users received emails warning about the existence of a type of worm which can destroy computers' hard drives. However, BKAV has said there is no such "powerful" virus
Backoff malware threat worse than thought and you may be affected (Tech Times) The hackers behind Backoff aren't standing down. With more than 1,000 organizations suffering intrusions from the malware family, the Secret Service is warning businesses to take proactive steps against the threat
Backoff Sinkhole Reveals Sorry Point-of-Sale Security (Threatpost) Kaspersky Lab researchers say that a recent analysis of two Backoff malware command and control servers paints "a very bleak picture of the state of point-of-sale security"
Why hackers may be stealing your credit card numbers for years (IDG via CSO) While conducting a penetration test of a major Canadian retailer, Rob VandenBrink bought something from the store. He later found his own credit card number buried in its systems, a major worry
11 Steps Attackers Took to Crack Target (CIO) Aorato, a specialist in Active Directory monitoring and protection, delivers a step-by-step report on how attackers used the stolen credentials of an HVAC vendor to steal the data of 70 million customers and 40 million credit cards and debit cards from the retailer
Using WPS on your Wi-Fi router may be even more dangerous than you think (Naked Security) A Swiss security researcher has found yet more problems with Wi-Fi Protected Setup (WPS), a system built into many wireless routers to make it easier for you to help guests and visitors to get online
What are wi-fi connections revealing about you? (BBC) When walking through the centre of a busy city it is easy to feel anonymous
Grindr app has privacy issues — who's surprised? (Naked Security) Popular gay dating app Grindr has been criticized for revealing the locations of its users in more detail than they might be expecting, and for allowing the identity of message senders to be spoofed
1900/UDP (SSDP) Scanning and DDOS (Internet Storm Center) Over the last few weeks we have detected a significant increase in both scanning for 1900/UDP and a huge increase of 1900/UDP being used for amplified reflective DDOS attacks
A Google Site Meant to Protect You Is Helping Hackers Attack You (Wired) Before companies like Microsoft and Apple release new software, the code is reviewed and tested to ensure it works as planned and to find any bugs
Bulletin (SB14-244) Vulnerability Summary for the Week of August 25, 2014 (US-CERT) The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week
16-31 August 2014 Cyber Attacks Timeline (Hackmageddon) August is gone, and here we are with the list of the most noticeable cyber attacks that occurred during the second half of the month
Security Patches, Mitigations, and Software Updates
Apple patches 'Find My iPhone' exploit (ZDNet) Apple has patched an exploit with its Find My iPhone online service that may have been used by hackers to gain access to personal photos stored on iCloud accounts belonging to some 100 celebrities
Cyber Trends
IT security is a matter of accountability (Help Net Security) For today's CEO, being the victim of criminal hackers is no longer just a source of embarrassment. Being hacked often carries legal ramifications and can even cost you your job. We live in the age of transparency, where "mega breaches" and data theft from an organization are increasingly hard to keep from the customer. It has never been more challenging for a CEO who must accept responsibility for IT security incidents, thoroughly assess the risks and remain vigilant to potential threats
Trends in Cyber Crime: A Look at the First Half of 2014 (IT Business Edge) While security pros need clear insight into their organizations' vulnerabilities, internal analysis alone is not enough. Outward examination — such as who is attacking other members of your business sector with what kind of attack and how it is impacting them — is a critical component of an effective cybersecurity approach. Unfortunately, oftentimes, we spend too much time looking at only a small piece of the puzzle
7 Cyber Security Trends You Should Know (EAGB) Our takeaways from SANS Institute Director of Emerging Security Trends John Pescatore's talk on cyber security for the near future
Kaspersky Lab "accidentally" defends monitoring of innocent internet users in online article (Graham Cluley) Talk about a flip-flop. A bizarre article was published by Russian security company Kaspersky on Wednesday. But you won't be able to find it on their website now
Marketplace
Compensation and Interim Report 2014 Market Trends: Security (BarclaySimpson) This time last year, we reported that companies were coming to the recruitment market in increasing numbers and following through recruitment processes with realistic offers. Since then, an additional 800,000 people have been employed in the UK and the economy is forecast to grow by 3% in 2014. In this context, high profile cyber-attacks are provoking both corporate and public fear just as business investment is expanding at its fastest rate in six years. The security recruitment market is unlikely to ever have a more favourable backdrop than it currently enjoys
FireEye, Palo Alto Top Security Picks at Stifel; SYMC, CHKP, FTNT a Hold (Barron's) Shares of network security technology vendor FireEye (FEYE) are up 45 cents, or 1.5%, at $29.90, after Stifel Nicolaus's Gur Talpaz today initiates coverage of the group, giving FireEye and Palo Alto Networks (PANW) Buy ratings, and price targets of $45 and $100 respectively, and rating others in the group a Hold
CEO praises Juniper team and anticipates success in the cloud (Microscope) Juniper Networks CEO, Shaygan Kheradpir, has published his first blog since joining the company in January
Microsoft to close MSN service in China by October 31 (Economic Times) Microsoft plans to close its Windows Live Messenger (MSN) service in Chinese mainland by October 31, amid a crackdown by authorities against the world's largest software firm over anti-monopoly violations
Bitglass Secures $25 Million in Series B Financing (SiliconIndia) Bitglass, a provider of data protection solutions for the enterprise has secured $25 million in Series B funding. Bitglass offers the industry's most complete solution, securing corporate data in the cloud, at access and on mobile devices. Founded in 2012, even when it was emerging from stealth in January 2014, Bitglass has enjoyed strong demand for its Total Data Protection solution
Robert Hansen on Aviator, Search Revenue and the $250,000 Security Guarantee (Threatpost) Dennis Fisher talks with Robert Hansen of WhiteHat Security about the company's decision to change default search providers to Disconnect and the $250,000 guarantee for users of the Sentinel Elite product
4 Challenges to Address in Corporate Cyber War (Security Magazine) We are fighting a cyber war and need to take proactive steps to protect ourselves and our companies as the virtual bullets fly
BIM2050 Group sets out nine areas the industry needs to consider for the future (Construction News) A group of leading young construction workers has said contractors should prepare to benefit from staff migration from other sectors, as it set out a vision for the future of the industry
Cyber attack: Is your bank safe? (The Banker) From financially motivated cyber crime to politically influenced cyber warfare, the virtual threats to financial institutions are multiplying. Companies must respond by arming themselves against such attacks or else they risk losing their footing on the new digital battleground
Should you use cyber insurance to mitigate risk? (SC Magazine) While still a relatively immature industry, cyber insurance can reduce the costs of recovering from a breach, and, as Tony Morbin reports, it can also play a role in driving adoption of best practice, including de-facto standards in critical infrastructure
Insurance for When You Get Hacked (Bloomberg BusinessWeek) Question: In light of all the hacker attacks in the news, how often are smaller businesses targeted? Is there insurance that covers you in case of an attack?
Red Hat CTO Abruptly Resigns (CIO) Brian Stevens steps down from open source firm with little warning
Products, Services, and Solutions
Microsoft Adds The Ability to Search for Sensitive Data on SharePoint And OneDrive (International Business Times) Businesses can now use Microsoft Office 365 to share sensitive data within the organisation. Office Blogs reports Microsoft Office 365 has these necessary features for email with data loss prevention or DLP. The said features are already used in Exchange, Outlook and OWA together with a series of built-in sensitive data that can be used to search. Now, Microsoft will reportedly expand these features to SharePoint and OneDrive
Will Apple Satisfy Regulators Over HealthKit Data Privacy? (Forbes) This week, Apple has updated its privacy policy to try and ensure that developers don't market personal healthcare data to advertisers and brokers
HoneyDrive v3 Royal Jelly — Honeypot Linux Distro Released (Toolswatch) HoneyDrive is the premier honeypot Linux distro. It is a virtual appliance (OVA) with Xubuntu Desktop 12.04.4 LTS edition installed
Lynis 1.6.0 — Security auditing tool for Unix/Linux systems (Kitploit) Lynis is an open source security auditing tool. Primary goal is to help users with auditing and hardening of Unix and Linux based systems. The software is very flexible and runs on almost every Unix based system (including Mac). Even the installation of the software itself is optional
What Are the Best Network Forensics and Data Capture Tools? (Security Intelligence) Until fairly recently, the practice of network forensics investigations was more or less a black art practiced by highly skilled individuals
'Finding a unicorn' likelier than proper security in VMware AirWatch? (CRN) Microsoft exec posts blog laden with fear and uncertainty about AirWatch
ESET Cyber Security (for Mac) (PC Magazine) Despite what you may have heard, just because your computer is a Mac doesn't mean it's immune to malware or other digital attacks. That's why there are products like ESET Cyber Security ($39.95), which guards against online and network attacks in addition to viruses and other malware
McAfee Internet Security 2014 for Mac (PC Magazine) Stereotypical Mac users aren't concerned with security, but Mac malware is real and Web threats don't care what kind of computer you're using. That's why there are products like McAfee Internet Security 2014 for Mac ($79.99). This OS X application brings antivirus protection, along with safe Web browsing and firewall tools
Review: Microsoft Security Essentials vs Malwarebytes: A tool used for Security (Streetwise Tech) With the month almost coming to a close, we are doing our usual monthly round up of software downloads and the hottest application of the month. If you haven't already attempted this application, we highly suggest giving it a go and seeing for yourself what the hype is about
Technologies, Techniques, and Standards
Suspect Phishing? Chase Bank says to click links (CSO) This is why we can't have nice things
Teamwork: The new threat intelligence strategy (TechTarget) This week, an analyst said sharing threat intelligence information is a new security strategy; data analytics as a service offers all enterprises a competitive edge
Patching: The least understood line of defense (Help Net Security) When it comes to security, only a total dope doesn't understand firewalls, anti-virus and at least the basics of passwords
Big Name Bank Hacks Highlight the Importance of Regular Testing and Effective Emergency Response (IT Business Net) When a prominent bank reveals a successful cyber attack, national headlines will quickly ensue, as happened on Wednesday, August 27th, when news began surfacing about the FBI probing into a successful attack on JPMorgan Chase & Co and at least one other bank
Out in the Open: Hackers Build a Skype That's Not Controlled by Microsoft (Wired) The web forum 4chan is known mostly as a place to share juvenile and, to put it mildly, politically incorrect images. But it's also the birthplace of one of the latest attempts to subvert the NSA's mass surveillance program
Dodging Browser Zero Days — Changing your Org's Default Browser Centrally (Internet Storm Center) In a recent story about "what's a sysadmin to do?", we suggested that since our browsers seem to take turns with zero days lately, that system administrator should have processes in place to prepare for when their corporate standard browser has a major vulnerability that doesn't yet have a patch
How To Create A Risk 'Pain Chart' (Dark Reading) Consultant John Pironti outlines how to execute a risk-based approach to defending corporate assets
Design and Innovation
Developers, Academia Team Up on Manual for Secure Software Design (eWeek) Google, Twitter and Harvard University are cooperating with other businesses and schools to create a manual to help developers design more secure software
Research and Development
'Factorisation factory' smashes number-cracking record (New Scientist) The first tests of a "factorisation factory" have beaten the record for breaking gigantic numbers down into their prime-number building blocks. It might one day force firms to strengthen their online encryption
Academia
Interviews — 2014: Arnim Eijkhoudt, Lecturer in Digital Forensics, University of Applied Sciences (Forensic Focus) Arnim, please tell us about your role as a lecturer in digital forensics, and how you first became interested in the field
Interviews — 2014: Emlyn Butterfield, Course Leader in Computer Forensics, Leeds Metropolitan University (Forensic Focus) Emlyn, you're currently Course Leader in Computer Forensics, Security & Ethical Hacking at Leeds Metropolitan University. Could you tell us more about the role and how you entered academia?
Legislation, Policy, and Regulation
NATO Set to Ratify Pledge on Joint Defense in Case of Major Cyberattack (New York Times) When President Obama meets with other NATO leaders later this week, they are expected to ratify what seems, at first glance, a far-reaching change in the organization's mission of collective defense: For the first time, a cyberattack on any of the 28 NATO nations could be declared an attack on all of them, much like a ground invasion or an airborne bombing
Estonia PM warns Europe must guard against Russia in long term (Financial Times) Russia's intervention in Ukraine has so utterly transformed Europe's security outlook that western governments must be on their guard against Moscow for the long term, Estonia's prime minister said on Tuesday
Jacob Appelbaum explains surveillance to the EuroParl (BoingBoing) Jacob Appelbaum of the Tor Project and Wikileaks addressed the European Parliament on the issue of surveillance and freedom. It was a remarkable speech, even by Appelbaum's high standards. An amateur transcript gives you a sense of what's going on, but the video is even better: "Is it used for coercion? Is data passed to autocratic regimes? Is it used to study groups? Is it used to disrupt? Yes, yes, and yes. Might they force or forge data? Absolutely"
Google's Smith Is Top Candidate for U.S. Chief Technology Officer (Bloomberg) Google Inc. (GOOG) executive Megan Smith is close to heading to the White House
The Most Profound Shift in UK Commercial Insurance Law Ever (Willis Wire) It has been eight long years since The Law Commission and the Scottish Law Commission were asked to review UK insurance contract law. Much has been written and said on the subject of insurance contract law reform since then (including by me). Now at last the government has introduced a new insurance bill for consideration under a special fast-track parliamentary procedure
Litigation, Investigation, and Law Enforcement
China gives Microsoft 20 days to respond to competition probe (ZDNet) Microsoft gets a three week deadline to come up with an explanation for "compatibility issues" in Windows and Office that could violate Chinese competition laws
US Cyber-Spy Killed Himself Following FBI Investigation (International Business Times) A 33-year-old US Air Force cyber-security analyst took his own life the day after the FBI showed up to question him about why he had gathered sensitive data about an individual — including the voicemails of that person's boyfriend
John Walker, the Navy spy who defined crypto-betrayal, dead at 77 (Ars Technica) If you want to call anyone a traitor, measure them against John Walker first
Hackers stole security check info on at least 25,000 DHS employees (Ars Technica) Homeland Security tallies damage from breach at USIS, and it's not pretty
Stop order against USIS could significantly slow down background checks (Washington Post) The recent stop-work order that has prevented a major U.S. contractor from conducting background investigations could significantly impact the security clearance process, especially if it lasts for an extended period, industry officials said
Class Action Suit Over CHS Breach is Call to Action (Norse Blog) A handful of patients who were impacted by the recent Community Health Systems (CHS) data breach filed a class action suit against the healthcare giant in Alabama, and the company could be in store for even more in the wake of a data loss event affecting as many as 4.5 million people nationwide
Drug Market 'Agora' Replaces the Silk Road as King of the Dark Net (Wired) For two and a half years, the Dread Pirate Roberts and his Silk Road black market ruled the Dark Web. But last year's FBI takedown of that narcotics smorgasbord opened the underground trade to competitors. Now those sites have a new leader, one that's bigger than the Silk Road ever was and continues to grow explosively
Microsoft refuses to hand over overseas email (iol) A judge lifted a suspension on her order directing Microsoft to turn over a customer's emails stored overseas to US prosecutors, but the software company said it would not release any emails while it appeals the ruling