Cyber Attacks, Threats, and Vulnerabilities
The Isis propaganda war: a hi-tech media jihad (Guardian) Isis is using techniques plundered from movies, video games and news channels to spread its message. Who is masterminding the operation — and what is the best way to counter it?
Maritime hacker is likely small-time (Boston Herald) The Moroccan jihadi group that shut down Massachusetts Maritime Academy's website is at best a small-time cyber-Islamism organization — and possibly just one not very skilled hacker — hunting for weaknesses on websites in order to hijack them and spread hate, one Internet expert said
Indian hacker defaces Pakistan's major political party "PPP" website amid Kashmir issue (HackRead) An Indian hacker going by the handle Bl@Ck Dr@GoN has hacked and defaced the official website of the Pakistan People's Party, which is the country's oldest political party. The hack was done in response to a tweet by PPP chairman Bilawal Zardari in which he had vowed to take back Indian-controlled Jammu and Kashmir
Ukraine and the Art of Limited War (War on the Rocks) In a piece published in War on the Rocks last March, and in an extended version by the journal Survival in May, I considered Ukraine and the art of crisis management
Malware Attacks Drain Russian ATMs (BankInfoSecurity) Interpol warns attacks could spread worldwide
NCR ATM API Documentation Available on Baidu (F-Secure Labs) A recent ATM breach in Malaysia has caused havoc for several local banks. According to reports, approximately 3 million Malaysian Ringgit (almost 1 million USD) was stolen from 18 ATMs
How One Criminal Hacker Group Stole Credentials for 800,000 Bank Accounts (Dark Reading) Proofpoint report shows how one Russian-speaking criminal organization hides from security companies
Sednit espionage group now using custom exploit kit (We Live Security) For at least five years the Sednit group has been relentlessly attacking various institutions, most notably in Eastern Europe. The group used several advanced pieces of malware for these targeted attacks, in particular the one we named Win32/Sednit, also known as Sofacy
Selfmite.b SMS Worm Is More Aggressive, Sends 150,000 Messages in 10 Days (Softpedia) A new version of the Selfmite SMS worm for Android, reported in late June to rely on affiliate marketing to make money, has been found to rely on a different, more aggressive method to reach the same goal as the original variant
The BadUSB exploit is deadly, but few may be hit (InfoWorld) It's a case of good news/bad news with the BadUSB firmware exploit
Bash Bug Saga Continues: Shellshock Exploit Via DHCP (TrendLabs Security Intelligence Blog) The Bash vulnerability known as Shellshock can be exploited via several attack surfaces including web applications, DHCP, SIP, and SMTP. With multiple proofs of concept (including Metasploit code) available in the public domain, this vulnerability is being heavily exploited
Yahoo: Attackers Breached Our Servers, But Your Data Is Safe (Mashable) After initially saying an attack on its servers was carried out via Shellshock, Yahoo is changing its tune
FBI Pays Visit to Researcher Who Revealed Yahoo Hack (Wired) Jonathan Hall was trying to help the internet. Earlier this week, the 29-year-old hacker and security consultant revealed that someone had broken into machines running inside several widely used internet services, including Yahoo, WinZip, and Lycos. But he may have gone too far.
JPMorgan hackers attack Fidelity, no customer data stolen (CNN Money) Fidelity Investments was among 13 financial institutions attacked by hackers who are believed to have been responsible for a breach at JPMorgan Chase, but there is no indication that Fidelity customer data were stolen, the Financial Times reported today
Almost half of Android devices still have a vulnerable browser installed (IDG via Networkworld) Around 45 percent of Android devices have a browser that is vulnerable to two serious security issues, but some countries have a considerably larger percentage of affected users than others, according to data from mobile security firm Lookout
The Hulk (Virus Bulletin) Raul Alvarez takes a close look at cavity file infector W32/Huhk, which — thanks to its infection criteria — only infects a handful of executable files, thus unintentionally creating a stealth technique
Security experts issue warning to smartphone users (Cable) Mobile phone users are failing to adequately protect their devices, according to an independent security analyst
Pricing Policies in the Cyber Criminal Underground (Infosec Institute) Underground markets are places on the Internet where criminal gangs offer a wide range of illegal products and services. Black markets are crowded places where single individuals or criminal organizations could acquire or rent products and services at very competitive prices. Like any other market, in black markets the relationship between supply and demand determines the price of the products. A growing number of highly specialized sellers are offering their wares, and the huge offer is causing the drop in prices
Microsoft Security Essentials may be throwing false positives for Trojan:DOS/Alureon.J (CSO) The precise circumstances are unclear, but it's becoming obvious that MSE in some cases detects a DOS/Alureon.J infection where none exists
CSAM Month of False Positives — Our ISP Says We're Hosting a BotNet! (Internet Storm Center) It's a note that many of us have received. If we're unlucky, it's a note that your (not-a-packet-expert) boss has received and we've had to explain it. It usually goes like this
Security Patches, Mitigations, and Software Updates
iOS 8.1 plugs security hole that made it easy to install emulators (Ars Technica) "Date trick" workaround allowed for unapproved apps without jailbreaking
Adobe will update e-reader to mop up clear-text data spillage (Naked Security) Adobe is working on an update to fix the latest iteration of its e-book reader, which has a gluttonous appetite for readers' data and the slovenly habit of reporting our reading habits back to Adobe — in plain text
Surprise patch KB 3005628 bodes ill for Microsoft's patching strategy (InfoWorld) Out-of-band patch, which fixes errors 0x800F0906 and 0x800F081F in .Net Framework 3.5, is a troubling disruption in Microsoft's patching strategy
Google Fixes 159 Flaws in Chrome (Threatpost) Google updates its Chrome browser on a very aggressive timeline, often a couple of times a month. Usually, each update includes a handful of security fixes, maybe 12 or 15. On Tuesday, the company released Chrome 38, which patched a staggering 159 vulnerabilities
[Bad]USB 'Patch' Skirts More Effective Options (Threatpost) Two researchers who released code that can be used to exploit a critical weakness in most USB drives followed that up Sunday with their version of a patch for the problem
Cyber Trends
Cyber Space Is Creating New Opportunities For Real-World Criminals (Misco News) A new and "far more dangerous type of cybercrime" is emerging, says a leading computer security expert — one that is blurring the lines between real-world crime and online criminality
Sophisticated Cyber Criminals Cost Brands Billions (ClickZ) During an Ad Week presentation last week, Michael Tiffany, chief executive of White Ops, explained ad fraud and the bots that make it possible
The Great Revamp: 11 Trends Shaping Future Conflict (War on the Rocks) Our thinking about future wars is often held hostage by the tension between continuity and change. We tend to embrace the known past and continuity with it, sometimes too tightly
Cyber attacks: Qatar third most targeted (The Peninsula) Qatar is the third country after Saudi Arabia and Turkey in the Middle East and Africa (Mena) region targeted most in the cyber attacks. Qatar faced close to 2,000 cyber attacks in the first half of 2014, according to FireEye, a major player in the area of cyber security
Marketplace
R.I.P. HP (Slate) What Silicon Valley can learn from the rise and fall of its original tech startup
Sophos acquires Mojave Networks in Cloud play (ARN) Acquisition will strengthen Sophos' cloud-managed and appliance-based security solutions
Activist Elliott Pushes EMC to Dump VMware (Re/Code) The activist investment firm Elliott Management pounced on storage and technology giant EMC today in a lengthy letter urging it to divest its controlling stake in the cloud software firm VMware
Veracode Gears up for Security IPO (eSecurity Planet) Veracode CEO explains what his company is doing now as he heads toward a public offering
National Security Entrepreneurs Create Cyber Insurance (Huffington Post) At the Government Accountability Project (GAP), we began working with whistleblowers in the wake of Washington's Watergate scandal, an episode that showed what our public officials were capable of when left to their own devices. In the years since then, as the U.S. adopted sweeping privatization and deregulation policies, GAP has come to provide legal help to whistleblowers from both public agencies and private firms
Former DOD and Coast Guard CIOs to advise Chertoff Group (Inside Cybersecurity) The Chertoff Group this week added two former chief information officers from the Pentagon and the Coast Guard to its advisory team. Former Defense Department CIO Teri Takai, who stepped down earlier this year, and retired Rear Adm. Robert Day, who until recently was the Coast Guard's CIO and head of Coast Guard Cyber Command, are among six new senior advisers to the consulting firm, the company announced Tuesday
Chris Yonclas, President of Vistronix NetCentric Solutions Business Unit on Big Data and Cyber Trends (Executive Biz) Chris Yonclas serves as NetCentric Solutions strategic business unit president at Vistronix, where he oversees the operational and technical activities related to C4ISR
Digital Forensics Expert Jim Kent's Leadership in Investigations and Cybersecurity and Government Gives Nuix Edge in North America Market (BusinessWire) Nuix, a technology company that enables people to make fact-based decisions from unstructured data, has promoted Dr. James Kent to a leadership role in the North American market focusing on investigations, cybersecurity and the government sector. Dr. Kent continues his existing positions as Global Head of Investigations and Cybersecurity and CEO of Nuix EMEA from his new base in Herndon, Virginia
Products, Services, and Solutions
SAIC Selects Bromium to Enhance CyberSecurity Edge™ (Bromium) Bromium®, Inc., the pioneer of a new model of endpoint security using micro-virtualization, and Science Applications International Corp. (NYSE: SAIC), a leading technology integrator for government and select commercial customers, today announced the addition of Bromium vSentry® and Live Attack Visualization Analysis (LAVA)® to SAIC's CyberSecurity Edge™ solution. Now, SAIC's CyberSecurity Edge customers can deploy Bromium to improve end-user security and reduce operational costs
Netskope Does Cloud Navel-Gazing, Introduces Active Introspection (Forbes) Active Introspection could either be a hot new approach towards psychoanalysis or a great new IT buzzword. For Netskope at least, it is the latter. Netskope is one of a growing number of companies that are wrapping cloud services with a layer of discovery and visibility. All these companies deliver a twofold promise. First, they allow organizations to have some visibility over the solutions in use within their organizations. Secondly, they allow for some policy to be wrapped around cloud application use such that organizations can have a granular approach towards what is used, by whom, and where
FireEye Offers New Mandiant Consulting Services to Address Evolving Motives and Tactics of Advanced Threat Actors (MarketWatch) FireEye, Inc., the leader in stopping today's advanced cyber attacks, today announced two new security consulting services to help organizations improve their internal capabilities for defending against advanced threat actors
New jihadist threat intelligence service launched (C4ISR & Networks) Flashpoint Global Partners has launched a threat intelligence service for monitoring jihadist groups
NASDAQ attempts to shield itself from Shellshock with help of Splunk (Computing) The American stock exchange NASDAQ is attempting to shield itself from the security vulnerability known as "Shellshock" or "The Bash Bug", with the help of operational intelligence platform Splunk
Rapid7 releases Nexpose Ultimate (Help Net Security) Rapid7 released Nexpose Ultimate, a vulnerability management solution that combines assessment of vulnerabilities and controls, vulnerability validation, and prioritized remediation planning in a single solution
Nedbank introduces Gemalto's online banking security system (New Business Ethiopia) Africa's bank, Nedbank Ltd, deploys Gemalto's online banking security system, its Ezio eBanking solution, to provide their wholesale customers with unmatched online transaction security and superior convenience
First secure external HDD with cloud management (Help Net Security) Imation announced a high-security, high-performance external USB 3.0 SuperSpeed hard drive capable of being managed in the cloud
Corero Introduces Corero DDoS Analytics App for Splunk Enterprise (Herald Online) App delivers sophisticated DDoS attack intelligence for rapid response in combating emerging threats
San Francisco Ballet Dances around Potential Security Weaknesses with Thycotic Secret Server (PRNewswire) Ballet company's IT and facilities departments use privileged access management solution to secure passwords
Trend Micro bolsters Internet security for mobile, social media (InfoTechHead) Security software company Trend Micro has released Trend Micro Security 2015 that delivers protection from cyber threats for PC, Mac, Android and iOS platforms
Webroot Unveils SecureAnywhere Cyber Threat Detection Network (MSPmentor) Webroot says WIN leverages real-time cyber threat data from 30 million users worldwide
HITRUST and Healthcare Leaders Collaborate to Establish Cyber Threat XChange to Improve and Accelerate Cyber Threat Detection and Response (BusinessWire) Enhanced cyber threat sharing acts as early warning system for healthcare industry
Peter George: General Dynamics Fidelis, Bit9 Expand Cyber Tech Partnership (Executive Biz) General Dynamics Fidelis Cybersecurity Solutions has expanded a collaboration with Bit9 + Carbon Black to help clients identify and mitigate threats at the endpoint level
Akamai and China Telecom Establish Strategic Cloud Services Partnership (Providence Journal) Akamai Technologies, Inc. today announced a strategic partnership agreement with China Telecom Corporation Limited's cloud division, CT Cloud
Technologies, Techniques, and Standards
FDA Promises Security Fixes for Older Devices, 'Built-in' Protections (AIS Health) The Food & Drug Administration (FDA) has heard the complaints from hospitals and other covered entities (CEs) that makers of medical equipment don't provide adequate protections from security breaches in their new devices, and often refuse to issue patches for existing devices or upgrade older models
NIST releases cyber-physical use-case framework update and outline (Inside Cybersecurity) The National Institute of Standards and Technology's working group on the cybersecurity and privacy of cyber-physical systems has released an updated use-case framework and the first draft outline of a work product due on Nov. 1
Can We Talk: Creating a Common Language for Cybersecurity (Government Technology) Experts are hopeful that a new framework released by the National Institute of Standards and Technology will give agencies a method to evaluate the security of their computing environments against their peers
Foiling hackers with a virtual perimeter (IT News) Another week, another story about a massive data leak
Identity Protection and Beyond: What You Don't Hear in the Media (RSA: Speaking of Security) Welcome Cyber Security Awareness Month! It's the time of year where we celebrate and teach all about safety on the Internet. But unlike every other security expert out there who will be writing about tips on how to protect your digital identity from cyber thieves, I want to share the many ways in which organizations are proactively protecting your identity — without you even knowing it
Open-source security model undermined by lack of resources (TechTarget) Shellshock and Heartbleed showed how flawed even ubiquitous open-source software components can be, but experts say that doesn't necessarily mean the open-source security model is to blame
How to fend off data breaches (CSO) It's no secret that data breaches are on the rise; just look for the headlines that mention Target, eBay, JP Morgan Chase, Home Depot, etc. The 2014 Verizon PCI DSS report states that only 11% of companies were fully compliant. The JP Morgan breach was said to have been caused by an employee working from home; the VPN connection was then used to extract the data. We all know that for Target it was the HVAC vendor and a phishing email that started the extraction of millions of credit cards
Guessing passwords with Apple's full-device encryption (Freedom to Tinker) With the recently introduced iOS 8, Apple has switched to encrypting a much larger amount of user data by default. Matt Green has provided an excellent initial look at a technical level and big-picture level and Apple has recently released a slightly more detailed specification document and an admirable promise never to include backdoors. This move, and Google's prompt promise to follow suit with Android, are big news. They've even garnered criticism from the director of the FBI and re-kindled debate about mandatory key escrow, which, as has been pointed out, is a debate the tech community seriously discussed for the last time while listening to Vanilla Ice on a cassette player in the early 90s
Alexa Scores Can Be Used to Predict Whether a URL is Part of a Phishing Attack (Cyveillance Blog) Cyveillance is an enthusiastic Premium sponsor and Steering Committee member of Anti-Phishing Working Group (APWG). Last month, the APWG held its eCrime Research Symposium 2014 in Birmingham, Alabama. The event coincided with the APWG's release of its semi-annual report on global phishing trends. Among other findings, the report found that Apple was the most-phished brand in the first half of 2014
The Three Most Common Myths in Enterprise Security (Sys-Con Media) I'll say it up front, your security program does not work because it is based on three common myths we hold as unquestionable truths in enterprise security
Research and Development
Federal research effort seeks public input on 'vital privacy objectives' (Inside Cybersecurity) Privacy stakeholders have until next week to respond to a federal request for information on "vital privacy objectives" that could inform a National Privacy Research Strategy
Things bad in IT security now? It could get worse (IT World Canada) An Ottawa workshop warns quantum computing — and its ability to break code — may be closer than we think
Academia
UCCS gets grant to help fight cyber crimes (Colorado Springs Gazette) The cyber protection research that will come from a $70,000 grant Northrop Grumman Corp. gave the University of Colorado at Colorado Springs on Wednesday will look like the work of James Bond 007, only it won't be fake
Legislation, Policy, and Regulation
Russia Seeks Sanctions Tit for Tat (New York Times) The Russian Parliament on Wednesday took the first major step to authorize the Kremlin to seize foreign assets and use them to compensate individuals and businesses being hurt by Western sanctions over the Ukraine crisis
Cyber-Security Wars Pause With iPhone 6 Nod (Forbes) So much has been written already about the sudden approval of the iPhone 6 in China, after several weeks of unexplained delays, that I thought I would focus on the broader implications of this surprise move in the ongoing war of words between the US and China over cyber security
FireEye: Discovery of Chinese 'state-sponsored' hack campaign had no impact (V3) The discovery of the notorious 'state-sponsored' APT1 cyber attack campaign achieved next to nothing, according to FireEye chief operating officer Kevin Mandia
S. Korea to get proactive in cyber warfare (Yonhap via Global Post) South Korea has decided to drop its long-held defensive tactics in cyber warfare and instead initiate proactive operations to better guard against enemies' online infiltrations, sources said Wednesday
Berners-Lee calls for more data sharing (MicroScope) The inventor of the world wide web Sir Tim Berners-Lee has called for the web to remain an open and neutral platform and for more of a data sharing culture to emerge in the future
Chase Bank Hack Persuades Obama To Make Cyberwarfare A Top National Security Issue (International Business Times) President Obama will now receive regular updates on foreign cyberattacks after the largest data breach ever compromised more than 75 million JP Morgan Chase bank accounts. That summer attack now ranks alongside Islamic State group news as a national security concern, according to reports, in part because of worries that the Russian government might have supported the attack
Congress must help DHS combat rising cyberattacks (The Hill) When Congress returns after the elections, lawmakers have a great opportunity to pass cybersecurity legislation that already has strong bipartisan support
Legislation is needed immediately (The Hill) Since taking the helm as chairman of the House Permanent Select Committee on Intelligence nearly four years ago, I made it a priority to bring light to a little noticed issue that was actually one of the greatest threats America faces today: the unrelenting cyberattacks on our networks and personal data
Tech groups warn over US online snooping (Financial Times) Leaders at two top tech security firms have warned that American businesses are being hurt by concerns about US online surveillance in Europe and the growing "Balkanisation" of the internet in the wake of Edward Snowden's disclosures
Officers can apply to go cyber in voluntary transfer program (Army Times) The Army is accepting applications from Regular Army officers in the ranks of second lieutenant through colonel who want to become members of the service's new career branch for cyber warriors
Litigation, Investigation, and Law Enforcement
U.S. Asks Court to Overturn National Security Letters Ruling (Wall Street Journal) Ruling last year said laws behind the use of NSLs violated Constitutional free speech rights
The FBI's secret surveillance program is about to go on trial (Nextgov) A federal appeals court this week will review whether the government can secretly conduct electronic surveillance on Americans without first obtaining a warrant
PRISM: Don't talk to terrorists if you want privacy, says ex-NSA director (V3) Former NSA director general Keith Alexander has defended the PRISM programme he oversaw, arguing that leaks and fears about the mass surveillance project must not hamper the fight against cyber terrorists and crooks
Adobe's e-book reader sends your reading logs back to Adobe — in plain text [Updated] (Ars Technica) Digital Editions even tracks which pages you've read. It might break a New Jersey Law