Cyber Attacks, Threats, and Vulnerabilities
Twitter account associated with Iran leader hits out at 'arrogant' powers (Reuters) A Twitter account Iran experts believe is run by the office of Supreme Leader Ayatollah Ali Khamenei said on Tuesday "arrogant" powers had tried hard to bring the Islamic Republic to its knees but had failed
Secret Malware in European Union Attack Linked to U.S. and British Intelligence (Intercept) Complex malware known as Regin is the suspected technology behind sophisticated cyberattacks conducted by U.S. and British intelligence agencies on the European Union and a Belgian telecommunications company, according to security industry sources and technical analysis conducted by The Intercept
Regin: Nation-state ownage of GSM networks (SecureList) "Beware of Regin, the master! His heart is poisoned. He would be thy bane"
Regin: Sophisticated Malware, But Not Without Precedent (TrendLabs Security Intelligence Blog) Recent reports have implicated a sophisticated piece of malware known as Regin in targeted attacks in various countries. Regin was described as being highly sophisticated and designed to carry out long-term stealthy surveillance on would-be victims at the behest of its creators, who have been suggested to be nation-states. Telecommunication companies are believed to have been the primary targets of this attack
Belgin [sic] backdoor: Sophisticated, stealthy, state-sponsored? (Help Net Security) Symantec researchers are warning about a new, complex cyber espionage tool that has been around for years and that has likely been created and is wielded by a nation state
Highly advanced backdoor trojan cased high-profile targets for years (Ars Technica) "Backdoor Regin" bears a resemblance to Stuxnet, was developed by a wealthy nation
APT operation 'Double Tap' exploits serious Windows OLE bug (SC Magazine) APT3, a group believed to be behind "Operation Clandestine Fox," is now using exploits targeting recently disclosed vulnerabilities in Windows, researchers at FireEye found
Obfuscated Flash Files Make Their Mark in Exploit Kits (TrendLabs Security Intelligence Blog) In recent years, we noticed that more and more malicious Adobe Flash (.SWF) files are being incorporated into exploit kits like the Magnitude Exploit Kit, the Angler Exploit Kit, and the Sweet Orange Exploit Kit. However, we did some more digging and found out that the number of Flash files isn't the only thing that has changed: these files use more obfuscation techniques than files from two to three years ago
Resurgent Android Worm Develops Conficker-Like Sophistication (Infosecurity Magazine) NotCompatible, an Android malware threat that's been around for a couple of years, has re-emerged with a fresh variant that sets a new bar for mobile malware sophistication and operational complexity. The command infrastructure and communication now self-protects through redundancy and encryption
Sony Pictures Shuts Down Systems After Cyberattack (TIME) A message from the hackers bears a picture of a skeleton and threatens to release the company's "top secrets"
Sony Pictures hacked, entire computer system unusable (Office of Inadequate Security) When reports emerged that Sony had been hacked, I didn't post anything here, waiting for confirmation. Instead of confirmation, Sony denied all claims of hacks
Craigslist back up and running after DNS hijack (Naked Security) If you had trouble getting onto Craigslist to sell your apple green velvet armchair over the weekend, join the club: the site was hijacked on Sunday night
Craigslist DNS hijacked, redirected at infamous “prank” site for hours [Updated] (Ars Technica) Craigslist CEO: domain registrar was compromised, sending traffic to "various sites"
MalwareBytes forum hacked, users asked to reset passwords (MalwareBytes) MalwareBytes, the world-renowned anti-malware or malware prevention company, has recently found out that its forum was hacked on Monday, November 10th
Fake banking Apps with Malware in Google Play Store target Android users (HackRead) The security researchers from Kaspersky Lab discovered two fake malicious banking apps on Google Play store targeting Brazilian Android users
Timing Attack and the importance of controlling the length of the input — The Case of Drupal CVE-2014-9016 (#/dev/console) First of all, let me introduce you to my partner Javier Nieto from Behindthefirewalls. We have written this post together and we hope you enjoy it
Microsoft Refutes Rumors of Being Hacked (Gameranx) Microsoft has investigated claims made by online group DerpTrolling
Scammers used fake product listings to steal from Walmart (Help Net Security) On November 13, US retailer Walmart announced that they will officially start matching the price for items which are also sold for a lower price by online retailers. Less than a week later, the price matching policy has been amended to exclude marketplace vendors, third-party sellers, auction sites or sites requiring memberships
What Healthcare Can Learn From CHS Data Breach (InformationWeek) Security breach that exposed personal data on 4.5 million Tennessee healthcare system patients offers key lessons to prevent similar cyber attacks
Security Patches, Mitigations, and Software Updates
WordPress releases critical security fixes: News tech leaders need to know (Financial Post) Companies whose blogs rely on WordPress should upgrade immediately if they're running version 3.9.2 or earlier. A critical cross-site scripting vulnerability could allow anonymous users to compromise the site
Docker 1.3.2 — Security Advisory (Openwall) Today, we are releasing Docker 1.3.2 in order to address two critical security issues. This release also includes several bugfixes, including changes to the insecure-registry option
Cyber Trends
Nearly half of all web application cyber attacks target retailers, study shows (ComputerWeekly) Nearly half of all web application cyber attack campaigns target retail applications, a study has shown
Black Friday and Cyber Monday will put retailers under pressure (Help Net Security) Retailers are currently preparing themselves for two very busy shopping days. Black Friday (28th November 2014) and Cyber Monday (1st December 2014) will see shoppers spend millions online
US Cybersecurity Practices Fail To Keep Pace With Cyber Adversaries (HS Today) As cyber criminals and nation-state actors continue to adjust their tactics to maintain advantages, businesses and government agencies are struggling to counter the increasing sophistication of cyberattacks with the ability to seriously impact growth
Marketplace
Vulnerability sales: Vupen wants to leave France and blames administrative red tape (ZDNet) Security: According to L'Express, the company wants to move its headquarters to Luxembourg and Singapore. Specializing in the sale of 0-day vulnerabilities, Vupen complains of the administrative burdens and uncertainties weighing on its line of business
CYREN: Still Waiting For New Product Uptake (Seeking Alpha) CYREN (NASDAQ:CYRN) once again disappoints as investors look for signs of life in the rollout of the new cloud-based WebSecurity product. At this point, the catalyst to move the stock up is not so much current earnings but evidence that the new product can sell
RedSeal Expands Core Management With Industry Veterans Leslie Canning and Roberta Gray (Sys-Con) RedSeal, the end-to-end provider of network visibility and intelligence to evaluate and strengthen network defenses, today announced that building on current market momentum, it is expanding the senior management team with two key appointees. Leslie Canning has been named Executive Vice President for Worldwide Sales, and Roberta Gray has been appointed Vice President of Marketing
Products, Services, and Solutions
Nationwide, Hartford Steam Boiler Offer Cyber Cover for Small Business Owners (Insurance Journal) As more than half of all U.S. small businesses have experienced a data breach, Nationwide has joined forces with Hartford Steam Boiler (HSB) to offer cyber insurance coverage for small business owners. The services and coverages help small businesses respond to a data breach, computer attack or identity theft and get their business, personal identity, and overall reputation back on track
Rambus Cryptography Research Division Licenses Security Technologies to Cisco (BusinessWire) Rambus Inc. (NASDAQ:RMBS) today announced that its Cryptography Research division has licensed select security-related technologies to Cisco Systems. The agreement enables Cisco to integrate relevant security technologies into Cisco products to provide protection against unauthorized access and mitigate security threats. Specific terms of the agreement are confidential
NTT Data implements Cryptomathic key management system (Finextra) Cryptomathic announces that leading IT services provider, NTT DATA, has implemented Cryptomathic's Key Management System (CKMS) across its payment processing platform in Italy, to centralise the management of cryptographic keys
CloudFlare Will Offer A Local Version Of Its Web Security Service In China In 2015 (TechCrunch) CloudFlare is tackling a long-standing goal and bringing its internet security and performance service to Mainland China next year. The U.S. company will open 12 data centers on Chinese soil over the next six months in a move that gives overseas websites and services improved performance on the ground, not to mention will increase its business in China
Google Brings Open Source Security Gifts (eSecurity Planet) Google isn't just about search anymore. In recent weeks it has announced multiple security projects including Santa for Mac
New Generation of WatchGuard Firewalls Enable Mid-Size Enterprises to Keep Pace with Explosive Growth in Encrypted Traffic (CSO) Dramatic increase in security horsepower vaults WatchGuard's new Firebox® M400 and M500 firewalls past competition by up to 149 percent in encrypted traffic inspection and up to 61 percent in overall performance
WatchGuard Technologies Partners with Fujitsu Fsas to Deliver Managed Network Security Solutions in Japan (India PR Wire) WatchGuard Next Generation Firewalls and Unified Threat Management appliances selected for breadth of security services, system management and real-time visibility tools
You've Got Malware: Infoblox Introduces Free Product Evaluation to Find the DNS Footprints of Cybercrime Inside Enterprise Networks (MarketWatch) Infoblox Inc., the network control company, today introduced a free DNS-based evaluation product to help find malware carefully hidden by cybercriminals inside enterprise networks
Secure Dell Windows 8.1 Tablet Offers Mobile Computing up to Top Secret level (MarketWatch) Integrated Eclypt® hard drive accredited for Top Secret (UK and Canada), NATO Secret, and FIPS 140-2 data encryption
Technologies, Techniques, and Standards
Fighting malware, emerging threats and AI (Help Net Security) Liran Tancman is the CEO of CyActive, a predictive cyber security company. In this interview he talks about fighting malware, emerging threats, artificial intelligence and the cloud
Thwarting attackers with threat intelligence (Network World) News reports show cyber attacks continue to outpace IT's ability to protect critical data, but teams that have built systems to deliver accurate threat intelligence can often end an attack before damage is done. Threat intelligence comes from commercially available information, ongoing analysis of user behavior and native intelligence from within the organization
ENISA guidelines on cryptographic solutions (Help Net Security) ENISA launched two reports. "Algorithms, key size and parameters" is a reference document providing a set of guidelines to decision makers, in particular specialists designing and implementing cryptographic solutions for personal data protection. The "Study on cryptographic protocols" provides an implementation perspective, covering guidelines regarding protocols required to protect commercial online communications containing personal data
Algorithms, key size and parameters report — 2014 (ENISA) During 2013, ENISA prepared and published its first reports with cryptographic guidelines supporting the security measures required to protect personal data in online systems. Recently published EC Regulations on the measures applicable to the notification of personal data breaches [118] make reference to ENISA, as a consultative body, in the process of establishing a list of appropriate cryptographic protective measures
Study on cryptographic protocols (ENISA) Cryptographic algorithms, when used in networks, are used within a cryptographic protocol. In the ENISA algorithms report of 2013 [113], several protocols were discussed. In this document (which is the sister document of the 2014 report [115]) we extend the work in the 2013 report to cover more categories of protocols
Commentary: Cyber threats demand executive not just IT skills (FedScoop) It seems that every week we read about another cyber incident or data breach on the front pages of online or print news publications. While breaches of banks and retailers are now routinely part of that news, so are more worrisome threats
Cloud-Based Security: The Next Generation of Defense for the Good Guys (CrowdStrike Adversary Manifesto) How does your company use the cloud? Almost certainly it allows your employees to work more efficiently by enabling them to access email and vital documents wherever they are in the world. Perhaps it also enables your R&D team to process petabytes of information into useful and valuable data sets in the blink of an eye. But are you taking advantage of the benefits of the cloud to protect your email servers, support data privacy and integrity, and protect your intellectual property from cyber theft?
Emergency Preparedness Plans Must Involve Preparation For All Disasters, Including Cyber (HS Today) In September 1989, South Carolina was wildly unprepared when Hurricane Hugo — a Category 4 storm with estimated winds of 135 miles per hour — hit South Carolina's coast, claiming 49 lives, causing the equivalent of over $13 billion in damage in 2014 dollars, and displacing 60,000 from their homes
Free Wi-Fi not good 'cyber hygiene', says former Homeland Security chief (Thompson Citizen) Former U.S. Homeland Security chief Michael Chertoff has a handful of golden rules for what he calls good Internet hygiene. And the first is simple: don't use the free Wi-Fi
Tips to avoid online scammers this holiday season (Help Net Security) With Black Friday and Cyber Monday offers, often dramatically cutting prices for one day only, there will be many genuine deals to be had. The problem for many of us is how to spot the real deal from the scam. Here are five tips to prevent you gifting your money to the criminals these holidays
Academia
UTSA to train more American cities to fight cyber attacks (San Antonio Business Journal) The University of Texas at San Antonio will share in a $2.3 million grant over the next three years to help communities protect their critical assets from possible cyber attacks
DHS Announces The 2015 Cyber Student Volunteer Initiative (National Journal) The Department of Homeland Security today announced the launch of the 2015 Secretary's Honors Program Cyber Student Volunteer Initiative for current two- and four-year college students. Beginning in the spring of 2015, more than 75 selected students will complete volunteer assignments supporting the DHS cyber mission at department field offices in over 50 locations across the country
Facebook Now a Cyber Gold Sponsor for the Air Force Association's CyberPatriot Program (PRNewswire) The Air Force Association today announced that Facebook, the world's leading social media website, has partnered with CyberPatriot — the National Youth Cyber Education Program
Legislation, Policy, and Regulation
U.S. Plays Cyberspy vs. Cyberspy (Bloomberg View) With revelations that critical infrastructure in the U.S. has been under sustained attack, likely perpetrated by Russia, it's easy to forget that we're not merely a victim amid the waves of repeated cyberattacks
Cybersecurity: Time for the U.S. to Stop Negotiating with China and Start Acting (Daily Signal) It comes as no surprise that the U.S.–China cybersecurity talks at the Asia–Pacific Economic Cooperation (APEC) largely failed. While Obama was in China, The Washington Post reported that the Chinese were the prime suspects in hacks against both the National Oceanic and Atmospheric Administration (NOAA) and the U.S. Postal Service (USPS)
Internet data plan back on political agenda (BBC) A law forcing firms to hand details to police identifying who was using a computer or mobile phone at a given time is to be outlined by Theresa May
NSA director: "Totally defensive" a losing strategy (Fierce Government IT) Although there are no established principles for norms in cyberspace, such as what qualifies as an "act of war," the idea that nations should refrain from offensive action and operate day-to-day completely on the defensive is not acceptable to the U.S. military, said Vice Adm. Mike Rogers, the dual-hatted head of the National Security Agency and Cyber Command
NSA privacy chief defends agency's surveillance (ComputerWorld) Rebecca Richards, the agency's first privacy director, answers public questions on Tumblr
Wyden pledges to pursue NSA reform (Oregon Bulletin) Failure of data collection bill to advance does not mean end of reform efforts
DHS Set to Destroy Governmentwide Network Surveillance Records (Nextgov) The Department of Homeland Security is poised to ditch all records from a controversial network monitoring system called Einstein that are at least three years old, but not for security reasons
California attempting to lead on data privacy rights — again (FierceBigData) Voters overwhelmingly approved a California constitutional amendment aimed explicitly at granting the right to data privacy — in 1972. No, that is not a typo. That happened in 1972. Now the state of California appears to be stepping up again to take on privacy more stringently even as legislators at the federal level cave to lobbyists
Litigation, Investigation, and Law Enforcement
Making law enforcement more difficult with mobile-device locks (News & Observer) Mobile device manufacturers are strengthening privacy protections on their products in a move that will make it more difficult for law enforcement officials to access data stored on the smartphones and tablets of criminals for which they have a warrant to search
FBI offers $1 million reward for anybody who can help catch online car scam fugitive (Naked Security) The alleged kingpin behind a multimillion-dollar online car selling scam, Romanian fugitive Nicolae Popescu, just made it onto the FBI's 10 Most-Wanted Cyber Fugitives list
Google reaches settlement with troll victim (Naked Security) Since 2011, an unknown internet troll has allegedly been lying about UK businessman Daniel Hegglin, calling him — among other things — a Mafioso, a Ku Klux Klan sympathizer, a paederast, a "bribed worm", and a "Naziterrorist principal of murders"
System admin sentenced for hacking Navy database (C4ISR & Networks) A former nuclear systems administrator with the Navy was sentenced to two years in prison for his role in the 2012 hacking of the Navy's Smart Web Move database and publicly releasing personal records of some 222,000 service members