Cyber Attacks, Threats, and Vulnerabilities
ISIS Jumping from Account to Account, Twitter Trying to Keep Up (Recorded Future) Open source analysis shows ISIS supporters will create a new Twitter account, usually under a similar name, immediately after
What Is ISIS Thinking? (Slate) As I noted in my last post, it's a little hard to figure out ISIS's strategy following its second videotaped execution of an American citizen in less than a month
New ISIS threat: America's electric grid; blackout could kill 9 of 10 (Washington Examiner) Former top government officials who have been warning Washington about the vulnerability of the nation's largely unprotected electric grid are raising new fears that troops from the jihadist Islamic State are poised to attack the system, leading to a power crisis that could kill millions
United States Counterterrorism Chief Says Islamic State Is Not Planning an Attack on the U.S. (Foreign Policy) The United States' senior counterterrorism official said on Wednesday that there is "no credible information" that the militants of the Islamic State, who have rained terror on Iraq and Syria, are planning to attack the U.S. homeland. Although the group could pose a threat to the United States if left unchecked, any plot it tried launching today would be "limited in scope" and "nothing like a 9/11-scale attack"
Pakistani State owned PTV Sports channel website hacked to Support Protests (HackRead) Hacktivists are playing their role in the ongoing political crisis in Pakistan; as a result, hackers going by the group handle Pakistan Haxors Crew hacked and defaced the official website of the state-owned PTV Sports Channel yesterday against killings and police brutality on protesters
Data: Nearly All U.S. Home Depot Stores Hit (Krebs on Security) New data gathered from the cybercrime underground suggests that the apparent credit and debit card breach at Home Depot involves nearly all of the company's stores across the nation
Victim to a mysterious cyber attack, Home Depot struggles to find out what went wrong (VentureBeat) Home Depot is sweating bullets
Home Depot urges credit monitoring vigilance (Threatpost) Home Depot told its customers today to monitor their bank and credit card accounts for fraud as it continues to investigate the "unusual activity" on its networks that could turn out to be one of the biggest data breaches in U.S. history
Home Depot breached, carders selling stolen payment card info (Help Net Security) The Home Depot, a popular American home improvement and construction retailer that boasts of 2,200 stores in the US and 287 abroad, has apparently suffered a data breach that compromised customer credit cards
Home Depot, Other Retailers Get Social Engineered (Dark Reading) Famed annual contest reveals how many retailers lack sufficient defenses against social engineering
The long game: How hackers spent months pulling bank data from JPMorgan (Ars Technica) Custom malware + lateral network moves = big problems for banking
Apple, please provide better protection for iCloud — Secure our Selfies! (Naked Security) Unless you've been on the moon this week, you will have heard about the Great Big Celebrity Naked Picture Theft
Blame Apple (Slate) Five reasons why celebrities and civilians should never trust Apple with nude photos, or any data at all
Celeb Hack: Is Apple Telling All It Knows? (Dark Reading) Did Apple have a system-wide data breach? No. Was it complicit through an appalling security lapse by not defending against brute force attacks? You're darn tootin'!
Are Cloud Services Safe? iCloud Breach Revives Debate (American Banker) Are cloud services secure enough for corporate use? It's a question bankers have pondered for at least a decade, and the iCloud breach illustrates both the pro and con arguments
Apple developer guidelines lead to rogue phone call risks in iOS (Naked Security) Web pages are all about hyperlinks. Usually, these link to other web pages, by specifying a URL such as
Goodwill Blames Credit Card Breach on Third-Party Vendor (SecurityWeek) Goodwill Industries International revealed on Tuesday that some of its customers' payment cards were compromised after the systems of a third-party vendor became infected with malware
'Harkonnen' espionage Trojan stole data from 300 European SMBs (TechWorld via CSO) Unknown malware used in attacks dating back to 2002
Semalt botnet hijacked nearly 300k computers (Help Net Security) The "Semalt" botnet is quickly spreading across the Internet, Incapsula researchers warn
Linux systems infiltrated and controlled in a DDoS botnet (Help Net Security) Akamai Technologies is alerting enterprises to a high-risk threat of IptabLes and IptabLex infections on Linux systems. Malicious actors may use infected Linux systems to launch DDoS attacks against the entertainment industry and other verticals
New file-encrypting ransomware called CryptoGraphic Locker (Bleeping Computer) A new file-encrypting ransomware was discovered today by BartBlaze called CryptoGraphic Locker. Just like other encrypting ransomware, this infection will scan your data files and encrypt them so that they are unusable. The infection will then display a ransom note that requires you to purchase the decryption key in order to decrypt your files. The initial cost to purchase the key is .2 BTC, or approximately $100 USD, which makes this one of the cheaper ransoms that we have seen in a long time. Though the ransom starts out small, there is a 24 hour timer built into the application that will increase the ransom amount each time it hits 0
Why CryptoWall ransomware will remain a shadow of CryptoLocker (CSO) CryptoWall lacks the technical sophistication and payment infrastructure to overtake its ransomware cousin
Attack hijacks DNS settings on home routers in Brazil (IDG via CSO) Attackers use cross-site request forgery techniques to change router settings when users visit malicious websites
VirusTotal mess means YOU TOO can track Comment Crew! (Register) Hackers backed by Beijing and Tehran appear to be cheapskates
CERT/CC enumerates Android app SSL validation failures (Threatpost) A growing compilation of close to 350 Android applications that fail to perform SSL certificate validation over HTTPS has been put together by the CERT Coordination Center at the Software Engineering Institute at Carnegie Mellon University
WordPress plugins bogged down with CSRF, XSS vulnerabilities (Threatpost) A smattering of bugs, mostly cross-site scripting (XSS) and cross-site request forgery (CSRF) vulnerabilities, have been plaguing at least eight different WordPress plugins as of late
Five San Diego Bartell Hotel locations fall victim to payment card theft (Hacksurfer) Bartell Hotels is notifying customers that its payment system at five San Diego locations was compromised, allowing the theft of credit card data. The affected locations are: Best Western Plus Island Palms Hotel & Marina, The Dana on Mission Bay, Humphreys Half Moon Inn & Suites, Pacific Terrace Hotel, and the Days Hotel-SeaWorld. The breach took place from February 16 to May 13
Internet predators (SecureList) Anyone using the Internet is at risk, regardless of age and regardless of what they like to do online. Cybercriminals can deploy an impressive arsenal, targeting everyone from schoolchildren to pensioners and following them whether they are logged on to social networks, checking the latest headlines or watching their favorite videos. Internet scammers want access to our money, our personal data and the resources of our computer systems. In short, they want anything that they can profit from
First Look: Hire a DDoS attack for less than $600 — Celeb hack fallout continues — Another day, another breach (Politico Morning Cybersecurity) First Look: Hire a DDoS attack for less than $600
Cyber Trends
Electric grid facing security threats from all sides (FierceSmartGrid) Grid security, both cyber and physical, is a critical issue, with new technologies being rolled out every day, and, changing the ultimate game for utilities
Akamai's Francis Trentley — The World of Zombies, Cyborgs and Knights (CSO) Francis Trentley was the CIO of the White House during the George W. Bush administration and oversaw that office's biggest ever technical transformation. Today, he is the Senior Director at Akamai Technologies. At the recent Gartner Security and Risk Management Summit, he delved into the ever-evolving cyber-threat-landscape and examined how traditional defences need to evolve
Risk from cyber attacks revealed as up to 71% of workers use out of date systems (Link2) UK business is putting itself at serious risk of cyber attacks due to poor upkeep of 'at risk' computer systems
In China, Cybercrime Underground Activity Doubled In 2013 (Dark Reading) Forget intelligence gathering. Financially motivated cybercrime is booming behind the Great Wall
The world powerhouses of hacking (Acumin) It seems that when it comes to the disruptive science of hacking, some places are more suitable than others as operational bases. According to the cloud service company Akamai's most recent State of the Internet Report, the top five countries generating the world's internet attack traffic are, in descending order: China (41 per cent), USA (11 per cent), Indonesia (6.8 per cent), Taiwan (4.2 per cent), and Brazil (3.2 per cent)
Cybercriminals love PayPal, financial phishing on the rise (Help Net Security) Kaspersky Lab's experts reported a substantial increase in the amount of financial phishing in spam
Nothing is safe from the hackers — as I've just discovered (The National) If someone were to steal my phone, or simply hack into it, would they find anything on it that I wouldn't want them to?
Marketplace
Is Cyber Insurance A Good Idea For Your Retail IT Clients? (Business Solutions) With recent data breaches at companies like Target and eBay making headlines, the business world has explored the possible advantages of cyber insurance
Huawei Has Made Canada Nervous for Years (Motherboard) Two years after US officials slammed the Chinese telecom giant Huawei for its connection to the Chinese People's Liberation Army, the company is looking to expand in the Canadian market, which is perceived as being friendlier than the US
Why FireEye (FEYE) Stock Is Up Today (TheStreet) Shares of FireEye (FEYE) rose 8.09% to $33.66 in late afternoon trading on Tuesday after news broke that Home Depot (HD) may have suffered a major credit card breach
DISA issues Encore III sources-sought (C4ISR & Networks) The Defense Information Systems Agency is gearing up for the next iteration of one of its biggest contract vehicles for IT goods and services, the follow-on to its current Encore II contract
Sources Sought Notice — Information Assurance, Operations & Compliance, Systems, and Technology Support (Insurance News Net) The Defense Microelectronics Activity (DMEA) is a DoD Center for microelectronics technology, acquisition, transformation, and support. DMEA is composed of highly specialized engineering facilities and microelectronic engineers that work in close partnership with the major defense contractors and the semiconductor industry to provide support for fielded systems across all U.S. military organizations
Lockheed receives cyber certification (Gazette.Net) The Information Systems & Global Solutions business of Lockheed Martin of Bethesda is one of seven U.S. companies to receive Cyber Incident Response Assistance accreditation from the National Security Agency Information Assurance Directorate
Company news: New hires at Accuvant, ZeroFox and ThreatStream (SC Magazine) Renee Guttmann…has joined enterprise information security firm Accuvant as vice president in the Office of the CISO…Shane Shook has joined social risk management firm ZeroFOX as chief strategy officer…Juniper Networks, a Sunnyvale, Calif.-based networking equipment provider, has announced that it will be divesting its Junos Pulse mobile security products to a private equity firm for $250 million…BlackBerry has acquired Germany-based voice and data encryption firm Secusmart…Hugh Njemanze has joined Redwood City, Calif.-based threat intelligence firm ThreatStream as CEO…IOActive, a Seattle-based information security services firm, has made two new appointments. Bradford Hegrat joined the company as industrial services director, while Jason Larsen was named a principal security consultant
John Cohen Joins BlueLine Grid from DHS (Sys-Con Media) BlueLine Grid today announced that John Cohen, former Principal Deputy Undersecretary for Intelligence and Analysis at the U.S. Department of Homeland Security has joined the Company to help formulate and execute its Public Safety market strategy
Products, Services, and Solutions
Twitter Launches Bug Bounty Program via HackerOne (SecurityWeek) In an effort to thank researchers who responsibly disclose security vulnerabilities, Twitter has introduced a bug bounty program powered by the HackerOne platform
Free security software identifies cloud vulnerabilities (Help Net Security) Whether responding to customer orders or requesting partner data, the biggest cloud security concern for the enterprise is the direct communication between applications. To help companies identify cloud security risks, Managed Methods has released Cloud Service Discovery Free
Phone Firewall Can Identify Rogue Cell Towers Trying to Intercept Your Calls (Wired) Rogue cell phone towers can track your phone and intercept your calls, and it's only a matter of time before they're as ubiquitous as GPS trackers. But at least now there's a way to spot them
TeleSign to Partner With RSA Security for Enhanced Phone-Based Authentication (Marketwired) TeleSign, the leader in Mobile Identity, today announced a strategic partnership to provide enhanced phone authentication for the RSA® Adaptive Authentication platform
Porticor and nScaled Team for Cloud Disaster Recovery (Newsfactor Business Report) Porticor® and nScaled today announced the industry's first joint solution integrating software-defined homomorphic encryption key management to protect customers' cloud information and applications replicated for IT Business Continuity and Disaster Recovery (BCDR)
Automating web security reviews with Netsparker (Troy Hunt) I will not run web security analysers without first understanding web security
FireEye Introduces Threat Analytics Platform for Amazon Web Services (MarketWatch) FireEye, Inc., the leader in stopping today's advanced cyber attacks, today announced that the FireEye® Threat Analytics Platform™ (TAP™) is available for Amazon Web Services (AWS) customers
HyTrust Partners with Intel to Enhance Security (Sarbanes-Oxley Compliance Journal) HyTrust Boundary Controls ensure tighter geographic restrictions to ease compliance, deter data theft and prevent data center downtime
Easy Solutions Announces Support for DMARC, to Improve Global Email Health (Broadway World) Easy Solutions, the Total Fraud Protection company, today announced that it now supports the use of the DMARC draft specification within its customer base
Technologies, Techniques, and Standards
750 Stakeholders Prepare for Mock Attack on Networks (Health Data Management) HITRUST, a coalition of industry stakeholders working to improve cybersecurity, has dramatically increased participation in the next round of its cyber attack simulation exercise, called CyberRX
Update your application security policy after Heartbleed (TechTarget) Worried about the stability of your software security? Lower your risk by rewriting policy and procedures for development with open source and third-party components
Ready for Battle (National Retail Federation) Anticipation and preparation are key to fighting data breaches
Privacy concerns may be an issue once the car is connected via a smartphone (Computerworld) Privacy concerns may be an issue once the car is connected via a smartphone
DevOps Tip: Don't Give Developers Keys To Security (InformationWeek) Security change controls can slow down a DevOps program. But let's break up monolithic security systems instead of giving developers more security responsibility
Do's and Don'ts: Security Management in a Growing Company (Security Intelligence) Security management can be a tedious job. Whether you are the chief information officer (CIO), chief technology officer (CTO) or even the chief executive officer (CEO), it can be hard to deal with possible risks and apply appropriate controls
Helix Nebula cloud security hinges on federated identity management (TechTarget) CERN and the Cloud Security Alliance explain how federated identity management protects Helix Nebula, a European cloud platform that's running applications for such research projects as the Large Hadron Collider
IMSI-Catch Me If You Can: IMSI-Catcher-Catchers (ACSAC) IMSI Catchers are used in mobile networks to identify and eavesdrop on phones. When the number of vendors increased and prices dropped, the device became available to much larger audiences. Self-made devices based on open source software are available for about US$ 1,500. In this paper, we identify and describe multiple methods of detecting artifacts in the mobile network produced by such devices
Identifying Firewalls from the Outside-In. Or, "There's Gold in them thar UDP ports!" (Internet Storm Center) In a penetration test, often the key to bypassing a security control is as simple as identifying the platform it's implemented on. In other words, it's a lot easier to get past something if you know what it is. For instance, quite often you'll be probing a set of perimeter addresses, and if there are no vulnerable hosts NAT-ed out for you, you might start feeling like you're at a dead end. Knowing what those hosts are would be really helpful right about now. So, what to do next?
Hack Your API First — learn how to identify vulnerabilities in today's internet connected devices with Pluralsight (Troy Hunt) A few years ago I was taking a look at the inner workings of some mobile apps on my phone. I wanted to see what sort of data they were sending around and as it turned out, some of it was just not the sort of data that should ever be traversing the interwebs in the way it was. In particular, the Westfield iPhone app to find your car caught my eye. A matter of minutes later I had thousands of numberplates for the vehicles in the shopping centre simply by watching how this app talked over the internet
IP Reputation and Spam Prevention: Working with Email Providers (TrendLabs Security Intelligence Blog) Today, spam may not be regarded as the most high-profile concern, but it's still a serious day-to-day threat. Every month, our users alone have to deal with billions of spam messages. These are also frequently used to deliver malware using attachments or links to malicious sites
Analyze VirusTotal Metadata to profile hackers (Security Affairs) An independent researcher has analyzed for years the metadata on submissions to VirusTotal service identifying patterns related to many bad actors
zAnti — Android Penetration Testing Toolkit (Free!) (Kitploit) zANTI is a comprehensive network diagnostics toolkit that enables complex audits and penetration tests at the push of a button. It provides cloud-based reporting that walks you through simple guidelines to ensure network safety
Big Data is big noise (Help Net Security) Big Data was supposed to be the solution to all our security problems, but this spotlight on intruders turned out to be a mess of white noise. Hiding comfortably in that noise, however, are legitimate indicators that point to valid network threats, such as suspicious user behavior
Research and Development
Quantum key distribution technology: Secure computing for the 'Everyman' (Phys.org) The largest information technology agreement ever signed by Los Alamos National Laboratory brings the potential for truly secure data encryption to the marketplace after nearly 20 years of development at the nation's premier national-security science laboratory
DARPA expands research offerings through its public web portal (FierceGovernmentIT) The Defense Advanced Research Projects Agency has made more of its research publicly available via its six-month-old public web portal called Open Catalog
Academia
Open University teams with UK government to offer free cyber security course (IT Pro) Government-backed course designed to inspire next generation of cyber security experts
Companies work with local colleges to prepare future workforce (SunSentinel) Nipro Diagnostics launched an internship program last year and was surprised by the lack of interest
Legislation, Policy, and Regulation
Nato summit on 'high alert' for cyber attack (Financial Times) As world leaders gather in Wales for the Nato summit, British police say they are engaged in a security effort greater than that for the 2012 Olympics. But in contrast to the sporting event, security officials fear the most likely target will be online: Nato and the UK intelligence services have been put on "high alert" for a cyber attack
In case of cyberattack: NATO members ready to pledge mutual defense (Ars Technica) More cooperation on cyber defense among members of North Atlantic alliance
NATO Set to Ratify Cyber as Key Military Threat (Infosecurity Magazine) NATO is set this week to ratify a new policy on cyber-defense which will confirm that international law applies in cyberspace and that an online attack against one member country could be considered an attack on all 28
NATO to unveil cyber-defence strategy fit for changing times (The Conversation) Late one Saturday evening in March, NATO's Headquarters experienced a large-scale cyber-attack at the hands of a group calling itself Anonymous Bierkut from Ukraine. Non-classified networks were targeted, putting internal email services and public websites out of action for several hours. The attack was more of a nuisance than a serious threat but it served as a salutary reminder that even the best protected and cyber-aware organisations can still come up against disruption
National Guard carves out its slice of DoD cyber mission, wants teams in every state (Federal News Radio) As the Defense Department's overall budget continues to decline, most of the military's mission areas are seeing proportional cuts, with a few exceptions
Cyberspace chief: Beware, the adversary is watching (Army News Service) The adversary is looking to exploit vulnerabilities in Army computer systems, said the chief of the Army's Cyberspace and Information Operations Division
Media union backs Australian piracy blocking plan (ComputerWeekly) A union representing media, artists, and journalists has endorsed the Australian government's proposal to block websites containing material that infringes copyright
Introducing the world's first national digital currency (Quartz) Ecuador is on track to become the world's first nation to create its own digital currency. The country's central bank announced last week (link in Spanish) that it would begin distributing the yet-to-be-named currency in December
Litigation, Investigation, and Law Enforcement
We'd All Benefit if Celebs Sue Apple Over the Photo Hack (Wired) David Vladeck believes Apple will likely be sued after hackers grabbed nude photos that celebrities stored on the company's iCloud service
FBI investigating whether Scott contractor was a hacker (Air Force Times) The FBI is investigating whether a civilian cybersecurity specialist at Scott Air Force Base, Illinois, stole passwords and other login information from government personnel in Maryland
Massachusetts court rules that Appthority infringed Veracode patents (Inside Counsel) Doug Kline, chair of Goodwin Procter's IP Litigation Group, shares insights on the rulings in Veracode, Inc. and Rovi Solutions v. Appthority, Inc
Racing Post dodges ICO data breach fines (Computerworld via CSO) Chief executive forced to sign a publicised contract to improve company's data security instead