Cyber Attacks, Threats, and Vulnerabilities
Moscow Suspected in Hack of U.S. Industrial Control Systems (Washington Free Beacon) BlackEnergy malware used by Russians found in water, energy control systems
Russian BlackEnergy Malware Story Hidden by White House Breach (IT Business Edge) It was announced yesterday that White House computers were hacked, most likely by Russian hackers. White House officials have stated that it was non-classified computers that were attacked and there is no cause for alarm. As Government Technology pointed out, staffers were given the typical "change your password" advice, and little else
Secret meetings tackle back-to-back energy-sector cyberthreats (EnergyWire) The Department of Homeland Security is hosting a series of secret briefings to address "ongoing" cyberthreats to energy control systems, according to security experts
The White House got hacked; are you next? (TechTarget) Russian-backed hackers could be at it again, this time targeting the White House. Experts advise businesses take a page from the hackers and get organized
It looks like Russia and smells like Russia … but is it Russia? (CNN Money) It's easy to say Russians are hacking the White House and major U.S. companies. It's harder to prove it
Former NSA Official Warns About Future Cyber Attacks Against U.S. Government (Design & Trend) Joel Brenner, the former Inspector General for the National Security Agency (NSA) warned that cyber attacks targeting networks and systems of government facilities will increase in the future
Rugby League team Keighley Cougars' website reads 'I love you Isis' after hacking (Threat Brief) The website of Rugby League team the Keighley Cougars has been hacked and replaced with a page featuring the message: "I love you Isis"
Dyre malware targeting Swiss bank customers (Help Net Security) The Dyre/Dyreza banking Trojan has lately become very popular with cyber criminals — so much so that the US-CERT has issued an alert warning about the danger
Hackers' new Dyre malware infects W.Pa. computers, vexes FBI cyber agents (Pittsburgh Tribune) Pittsburgh-based FBI cyber agents who brought down an international Russian hacking syndicate in May are now focusing on two new targets that have caused significant damage, the Tribune-Review has learned
ROM — A New Version of the Backoff PoS Malware (Fortinet Blog) A few months have passed since the release of the "Backoff" point-of-sale (PoS) malware advisory, but Backoff and other PoS malware continue to be an active threat as businesses keep reporting data breaches and the compromise of their customers' financial information
Thieves Cash Out Rewards, Points Accounts (KrebsOnSecurity) A number of readers have complained recently about having their Hilton Honors loyalty accounts emptied by cybercrooks. This type of fraud often catches consumers off-guard, but the truth is that the recent spike in fraud against Hilton Honors members is part of a larger trend that's been worsening for years as more companies offer rewards programs
Swedish hacker finds 'serious' vulnerability in OS X Yosemite (Macworld) A white-hat hacker from Sweden says he's found a serious security hole in Apple's Yosemite OS X that could allow an attacker to take control of your computer
New SQL Injection Flaw Puts Sony PlayStation User Data at Risk (Softpedia) Details of Sony Playstation Network users could be at risk due to a blind SQL injection bug in the website, a penetration tester claims
Android dialer hides, resists attempts to remove it (Help Net Security) A malicious dialler disguised as an application for adults could become a big problem for Android users, as the malware systematically removes traces of itself from the phone and makes deinstallation impossible through normal means, Dr. Web researchers warn
Luck Played Role in Discovery of Data Breach at JPMorgan Affecting Millions (New York Times) When it comes to defending a large company against an online attack, sometimes luck and timing can mean as much as spending hundreds of millions of dollars a year on computer security
Why malvertising could be your business number one problem (IT Pro Portal) Internet advertising spend now outpaces all other forms of media. In the UK only, digital will make up almost 50 per cent of the total ad spend and it will be worth £13.9bn this year according to GroupM, WPP's media buying arm. With numbers like that, it's no surprise that cyber attackers are also turning their heads towards internet advertising
Research shows enterprises leaking shadow data to the cloud (TechTarget) A new study by cloud security startup Elastica shows that enterprise employees are unknowingly leaking sensitive data through cloud apps and services
Live data used to highlight cloud-based risks (CSO) The cloud is still a jungle when it comes to risk and security
GroupMe Vulnerability: Full Account Takeover (Breaking Bits) GroupMe is a popular cross platform group messaging client for Android and iOS. A critical vulnerability related to mobile phone SMS verification in the iOS application (version <= 4.4.4) allowed for account takeover provided you knew your target's phone number (that is, the phone number connected to their GroupMe account). Knowing just the phone number, you could take over their account entirely while simultaneously resetting their password and email address
Hack an Isolated Computer — No Internet Connection Required (Ethical Hacking) A proof-of-concept idea, which allows a person to send and receive data from a machine that has been kept completely isolated from the internet has been developed by researchers at the Ben Gurion University in Israel. This technique sends information from the machine to a mobile device, specially set up for this activity and later transfers that data to the outside world using normal modes of communications like internet/sms etc
How Attackers Can Use Radio Signals and Mobile Phones to Steal Protected Data (Wired) Computers housing the world's most sensitive data are usually "air-gapped" or isolated from the internet. They're also not connected to other systems that are internet-connected, and their Bluetooth feature is disabled, too. Sometimes, workers are not even allowed to bring mobile phones within range of the computers. All of this is done to keep important data out of the hands of remote hackers
An Unprecedented Look at Stuxnet, the World's First Digital Weapon (Wired) In January 2010, inspectors with the International Atomic Energy Agency visiting the Natanz uranium enrichment plant in Iran noticed that centrifuges used to enrich uranium gas were failing at an unprecedented rate. The cause was a complete mystery — apparently as much to the Iranian technicians replacing the centrifuges as to the inspectors observing them
CVE-2014-4115 Analysis: Malicious USB Disks Allow For Possible Whole System Control (TrendLabs Security Intelligence Blog) One of the bulletins that was part of the October 2014 Patch Tuesday cycle was MS14-063 which fixed a vulnerability in the FAT32 disk partition driver that could allow for an attacker to gain administrator rights on affected systems, with only a USB disk with a specially modified file system. This vulnerability is also designated as CVE-2014-4115
Baldwin [Pennsylvania] Family Falls Victim To Scary Cyber Invasion Attack (CBS Pittsburgh) It all started with a phone call in the middle of the night
Bulletin (SB14-307) Vulnerability Summary for the Week of October 27, 2014 (US-CERT) The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information
Security Patches, Mitigations, and Software Updates
HTML5 goes officially live — now you really CAN say goodbye to Java in your browser! (Naked Security) Do you remember what happened on the night before Christmas in the last year of the last millennium?
Most Users Don't Use Windows Update Properly: Report (Infopackets) A new report suggests that many users who use the Windows Update feature to automatically download and install the latest security patches from Microsoft do not have an up-to-date operating system
UK consumers particularly prone to piss-poor patching (Register) Java a hot spot — new report
Cyber Trends
Cyberspace Expands Threat Matrix (InformationWeek) National security experts warn there is no privacy or security any more
Hacking Up History (PC Magazine) "History repeats itself" is a phrase you'd never think of in the tech world, but it holds quite a bit of truth in the industry
Limiting automation in a cyber-insecure world (C4ISR & Networks) With each new headline announcing another cyber breach, to include national governments, retail stores, cloud companies (Apple's iCloud), and leading banks, I am compelled to reflect on an obscure set of war games conducted in 2012-2013 that may prove prescient
Privileged-account risk multiplies for Australia's cloud-hungry businesses: CyberArk (CSO) Australian companies may be among the most enthusiastic and progressive about cloud services in the world, but they're opening up new avenues for attack unless they complement cloud initiatives with efforts to identify and control unmanaged privileged user accounts, a CyberArk executive has warned
Marketplace
What Engility's purchase of TASC could mean for D.C.-area services contractors (Washington Post) For government contractors, the holiday shopping season has already kicked off
Alcatel-Lucent sells cyber security biz to Thales (Telecom Lead) Telecom network vendor Alcatel-Lucent has sold its cyber security services & solutions and the communications security business to Thales
What to look for in FireEye's earnings (MarketWatch) FireEye sales expected to slow for the fourth straight quarter
Telecom giant Huawei doubles down on Ontario (Ottawa Citizen) Chinese telecommunications giant Huawei announced Friday night that it plans to almost double its investment in its Ontario facilities, creating 325 new jobs in Ottawa and elsewhere
Huawei Invests $1.5 Billion to Build New ICT Facilities in Mexico (China Topix) Chinese telecom equipment maker Huawei Technologies Co. Ltd. is investing $1.5 billion in Mexico to build new Information and Communication Technology (ICT) centers over the next five years
Xiaomi Is Facing Security Related Investigations In Singapore & Taiwan Too (Trak.in) Last week, Indian Air Force issued a circular wherein they had categorically warned against using Xiaomi smart phones, due to security related issues. This is the first instance when a defense establishment in India had to issue such a warning against usage of a smart phone
GlobalFoundries Purchase of IBM Essex Prompts Security Review (Vermont Public Radio) The sale of IBM's chip making division, including the company's Essex plant is being scrutinized by federal officials
Crime Pays for Radware as Cyber-Attacks Increase: Israel Markets (Bloomberg) The spate of cyber-attacks that rocked U.S. companies in 2014 came at just the right time for Tel Aviv-based Radware Ltd. (RDWR), which spent the last three years doubling its U.S. sales force
Security Analytics Startup Looks To MSPs, Cloud Partners For Growth (CRN) The head of an early-stage security analytics company has a well-thought-out strategy for partnerships moving ahead amid what he called accelerating demand for smarter approaches to security. Austin, Texas-based SparkCognition is just about a year old and has established partnerships with IBM Watson, SoftLayer and Power, and while most of its sales currently are direct, Founder, President and CEO Amir Husain is already in the beginning stages of building out the company's channel
Top municipal government Hexis Cyber solution for advanced threat protection (Financial News) KEYW Holding Corporation (KEYW) subsidiary Hexis Cyber Solutions said that HawkEye G has been selected by a top ten US municipal government for advanced threat detection and automated malware removal
Security Consultancy Threat Intelligence Appoints Australian Security Leader Andrew van der Stock as Principal Security Consultant (PRWire) Threat Intelligence, an Australian security consultancy specialising in the next era of intelligence-based threat management and penetration testing, today announced that it has appointed security veteran and acknowledged Australian leader of the application security field, Andrew van der Stock as Principal Security Consultant
Products, Services, and Solutions
Why Facebook Just Launched Its Own 'Dark Web' Site (Wired) Facebook has never had much of a reputation for letting users hide their identities online. But now the world's least anonymous website has just joined the Web's most anonymous network
What is the Cyber Threat Alliance? (Fortinet Blog) Emerging threats have created some strange bedfellows in the Cyber Threat Alliance but the group's work is critical to advancing security in an increasingly connected world
Check Point Mobile Security Platform Capsule Debuts (eWeek) Capsule secures business documents everywhere, and authorized users can access a protected document on any device
Microsoft Security Essentials Should Be Replaced On Your Computer (JBG News) Microsoft Security Essentials has been declining on AV-Tests for years and Microsoft is beginning to show neglect in keeping up with the competition
Best Free Antivirus — Analysis of the Top Paid and Free Antivirus Software (Fuse Joplin) There are many different free antivirus programs that you can download for your computer or device. They, however, vary in quality and features and offer different levels of protection
Gemalto cloud security platform now integrates with Microsoft Active Directory Federation Services (CSO) Gemalto, a world leader in digital security, announces its cloud authentication server is compliant with Microsoft's single-sign on access feature. Gemalto's Protiva IDConfirm platform integrates with Microsoft Active Directory Federation Services (AD FS), enabling strong authentication to web-based enterprise applications with a unique user digital identity
justniffer a Packet Analysis Tool (Internet Storm Center) Are you looking for another packet sniffer? justniffer is a packet sniffer with some interesting features. According to the author, this packet sniffer can rebuild and save HTTP file content sent over the network. "It uses portions of Linux kernel source code for handling all TCP/IP stuff. Precisely, it uses a slightly modified version of the libnids libraries that already include a modified version of Linux code in a more reusable way."[1] The tarball can be downloaded here and a package is already available for Ubuntu
Technologies, Techniques, and Standards
Are Your Contracts Ready for a Cybersecurity Breach? (Corporate Counsel) Cyberattacks are becoming more frequent, more sophisticated and more widespread, as evidenced by recent hacks involving financial institutions like JPMorgan Chase & Co., home improvement retailer The Home Depot, e-commerce giant eBay Inc. and Target Corp.'s massive cyberattack that hit at the height of the holiday season last year
Data Breaches: Don't Blame Security Teams, Blame Lack of Context (Forbes) Cyber security teams are now, more than ever, under great pressure due to an increased likelihood that their organization will be breached
In cybersecurity, the weakest link is … you (Conversation) A chain is only as strong as its weakest link. Computer security relies on a great number of links, hardware, software and something else altogether: you
Setting Traps, and Other Internet Security Tips (MIT Technology Review) In the wake of cyberattacks on JPMorgan and other sophisticated companies, a computer security expert offers advice to those of us with far fewer resources
Use caution storing data in the "cloud" (Lake News Online) Businesses used to fret about sensitive documents, often keeping them stored under lock and key in safes, desks or file cabinets. Today, so much data is exchanged electronically that hardcopies are usually produced only when necessary
Targeting security weaknesses in the phone channel (Help Net Security) Fraud over the phone channel is a significant problem for businesses, both small and large. Recently, phone hackers targeted a small architecture firm in Georgia, costing them more than $166,000. The firm had only seven employees, and a few VoIP connected phone devices. For larger businesses with call centers, the risk of phone fraud grows exponentially, as does the average fraud loss
Hacker Lexicon: What Is Homomorphic Encryption? (Wired) The problem with encrypting data is that sooner or later, you have to decrypt it
Research and Development
Google Working on Tool to Gather Stats While Preserving Privacy (Threatpost) Google is working on a new system that enables the company to collect randomized information about the way that users are affected by unwanted software on their machines, without gathering identifying data about the users
Raising cryptography’s standards (R&D Magazine) Most modern cryptographic schemes rely on computational complexity for their security. In principle, they can be cracked, but that would take a prohibitively long time, even with enormous computational resources
Academia
Cyber security: Always a 'topic of concern' (U.S. Air Force Academy Public Affairs) National Cyber Security Awareness Month will end Oct. 31, but one Academy official said she hopes Airmen here continue to treat computer security with the year-round attention she said it deserves
HP Helps Schools Fend Off Mounting Cyber Threats (CIO Today) As the number of "bring your own devices" keeps growing at colleges and other schools, academic IT departments are finding it increasingly difficult to stave off malware, bot attacks and a variety of other cyber-threats. Several educational institutions across the U.S. have turned to Hewlett-Packard's TippingPoint network security solutions for help
Legislation, Policy, and Regulation
China Approves Security Law Emphasizing Counterespionage (New York Times) President Xi Jinping of China has signed a new Counterespionage Law, replacing the 1993 National Security Law with an updated set of rules that will more closely target foreign spies and Chinese individuals and organizations who collaborate with them
Global Times: US plays up latest Chinese cyberespionage report (Want China Times) A recently published report about a Chinese-sponsored hacker group being circulated by US media outlets is allegedly attempting to manipulate public opinion against China just before the coming Asia-Pacific Economic Cooperation (APEC) conference, where leaders of the two countries will meet in Beijing, reports state-media Global Times
The spies who kill innovation (Stanford Daily) Much has been made of China's rise and America's supposed decline, but these arguments are generally unsound. American declinists leech off the belief that faster growth today means more power tomorrow. They assert that China's economic rise means that the Middle Kingdom will necessarily supplant America's global hegemony with its own
Berlin Weighs Possible Hit to U.S. Tech Firms (Wall Street Journal) Draft web law could exclude some companies from Germany's digital economy
Brazil Building Internet Cable to Portugal to Avoid NSA Surveillance (Latin Post) The Brazilian government is breaking ties with American technology companies and is investing in building a cable to Portugal to escape the reach of the U.S. National Security Agency
Mixed results for key Government cyber-initiatives (SC Magazine) The Government's Verify scheme to confirm IDs is behind scheduled uptake, but its CISP threat intelligence sharing scheme is ahead of target
Can DHS get it together? (FCW) Twelve years after its creation, the Department of Homeland Security is at a crossroads in how it handles its ever-evolving cybersecurity mission
Navy to Begin Preparations for Cyber Warfare (National Defense) U.S. warships that patrol treacherous waterways like the Strait of Hormuz are ready to respond to a wide array of threats, including underwater explosives, kamikaze boats and missile strikes. They are less prepared, though, to cope with a cyber onslaught on their computer systems
Litigation, Investigation, and Law Enforcement
Right, Left Combo to Spar with NSA in Court (WND) Klayman welcomes ACLU in battle against government spying
Misuse Confidential Information and Risk a Significant Payment (WillisWire) A recent decision of the English High Court found Barclays Bank liable to pay damages of €10 million to CF Partners for breaching an equitable duty of confidence. The Court held that the bank had misused confidential information, supplied by CF Partners for a bank loan to finance a takeover bid, in order to buy the target company itself
Francis Maude: 'The internet is too large for any organisation to fight cyber crime alone' (Computing) Cyber security is "an important part of the UK's economic plans", which is why it's essential that the issue isn't just confined to the IT department, but to every individual within all organisations
Police can demand fingerprints but not passcodes to unlock phones, rules judge (Naked Security) Cops can force you to unlock your phone with your fingerprint, but not with your passcode, according to a judge in the US state of Virginia
Huntsville schools paid $157,000 to former FBI agent, social media monitoring led to 14 expulsions (Al.com) Huntsville City Schools paid a former FBI agent $157,000 last year to oversee security improvements, including the investigation of social media activity of public school students
Israeli living in Mexico arrested on suspicion of blackmailing companies (Haaretz) Police cyber-unit inquiry showed he hacked firms, threatened to disclose data if they didn't pay ransom totaling $530,000
'Blackshades' User Pleads Guilty to Hacking (Wall Street Journal) A New Jersey man has pleaded guilty in Manhattan federal court to a charge of computer hacking by using the malicious Blackshades software that was the focus of a global crackdown earlier this year, the U.S. attorney's office said Friday
Man faces trial over 'cyber attack' (Oxford Mail) A 44-year-old man is due to face trial today accused of being responsible for a cyber-attack launched against the Home Office's website
South Shields 'hacker' held over cyber attack on Durham police (Hartlepool Mail) A suspected internet hacker has been arrested over a cyber attack on Durham Constabulary's website after a raid on a house in South Shields
Teacher's ex accused of hacking email, sending nude pics to students (Naked Security) The ex-lover of a Pasadena teacher has been arrested and bailed in Los Angeles county, accused of breaking into the teacher's school email account and using it to send out "sexually explicit" photos of said teacher to students and fellow staff