The CyberWire Daily Briefing 12.05.14

Cyber Trends

Worrying about cyberwar is making countries less safe (Quartz) Ten days ago, on Nov. 24, online security firms revealed the existence of a powerful computer virus called Regin. A tool of espionage (pdf), the bug displayed all the hallmarks of nation-state backing, researchers said. Suspicion immediately fell on the US and Israel

'Cyber Pearl Harbor' plausible, says cyber military expert (FierceGovernmentIT) The threat of a "cyber Pearl Harbor" — a hotly debated term after then-Defense Secretary Leon Panetta used the phrase in a 2012 address — isn't just an idea used for shock value; a cyber attack with catastrophic effects on the United States is very possible, according to an expert on cyber military operations

High Voltage of 2015: Kaspersky Lab's Short-Range Predictions (Information Security Buzz) Cyber criminals are growing in confidence. Previously, they attacked users of banking services, seeing them as the weak link in the security chain. But next year, Kaspersky Lab experts anticipate high-stakes targeted cyber-attacks pinpointing the banks themselves. And the fraudsters won?t stop there; we expect they will go for broke and try to develop new malware that can take cash directly from ATMs. In addition to financial cybercrime, 2015 is also likely to bring even more privacy concerns, security worries about Apple devices, and renewed concern bout preventing hackers from using connected devices like network printers to penetrate corporate networks

Black Lotus Report Shows DDoS Volume Decreasing But Sophistication Of Attacks Increasing (Business Solutions) A new report from Black Lotus, a provider of distributed denial of service (DDoS) protection, shows that attackers are using less bandwidth to cause trouble but are getting smarter about how their attacks work. The report found that the most likely source for new DDoS attacks will be Vietnam, India, and Indonesia in 2015, according to a press release. Although these nations lack bandwidth to launch massive DDoS attacks, they do have a high volume of compromised end-point devices, which can be utilized in botnet attacks. In Q3 2014, China was the leading source of DDoS attacks, followed by the United States and Russia

Pindrop Security Identifies Top Phone Scams Affecting Consumers in 2014 (MarketWired) Pindrop Security, the pioneer in phone fraud prevention and call center authentication for banks and enterprise call centers, today announced the release of a new report, "Top Consumer Phone Scams: 2014." The report provides an in-depth analysis of the most common phone scams affecting consumers this year

The internet will become the corporate network perimeter, predicts iSheriff CEO (FierceITSecurity) The internet will become the corporate network perimeter, predicts Paul Lipman, CEO of cloud security service provider iSheriff

It's Not That Antivirus Has Died, It's That People Have Stopped Using It (InformationWeek) Study finds that one in three US computer users don't have an anti-malware solution installed

The Problem With The Internet Of Things (TechCrunch) Lightbulbs, washing machines, thermostats, fridges and locks. If you believe the Internet Of Things salespeople, over the next 10 years, everything in your home is set to become connected

Welcoming Our AI Overlords (InformationWeek) Stephen Hawking warns artificial intelligence could end humanity, but science fiction often proposes a harmonious future for people and machines. Who's right?

Nick Bostrom Says We Should Trust Our Future Robot Overlords (IEEE Spectrum) Is artificial intelligence likely to make humans extinct, or are we smart enough to control it?

Legislation, Policy and Regulation

Warring State: China's Cybersecurity Strategy (Center for a New American Security) Cyberspace and information technology have enabled the economic, political, and cultural integration of the United States and China. However, interdependence creates costs as well as benefits. Increased interconnection has also contributed to major obstacles in the bilateral relationship, generating mutual distrust of incentives, actions, and norms in cyberspace

One step forward, one step back: U.S. Senate introduces crypto backdoor bill while House removes fix (Access) Today, U.S. Senator Ron Wyden introduced a bill to prohibit the government from mandating backdoors in hardware and software technologies. The legislation prohibits any federal agency from intentionally weakening consumer encryption standards. As we've previously said, strong encryption standards and device security are critical to the privacy of individual users. Access commends Senator Wyden and urges the Senate to quickly pass the Secure Data Act

U.S. urges banks to consider cyber risk insurance amid hacking threats (Reuters via the Chicago Tribune) Banks should consider cyber risk insurance to help deal with the financial fall-out from the growing threat of cyber attacks, a top U.S. regulator said on Wednesday

Government Terrorism Insurance Program Faces Lapse (ABC News) As Congress races to its lame-duck finish, time is running out on a government program that provides a backstop to private-sector insurance against terrorist attacks

U.S. Transportation Command taking steps to defend against cyber attacks (Reuters via News Walk) The U.S. military command that transports troops and cargo is taking aggressive steps to defend its computer networks against destructive cyber attacks by other countries and criminals, its four-star commanding general said on Thursday

Dateline

SINET Showcase and Workshops 2014 (SINET) Showcase provides a platform to identify and highlight "best-of-class" security companies that are addressing industry and government's most pressing needs and requirements. The chosen SINET 16 Innovators present their technological solutions to representatives from the ecosystem of the entrepreneur: venture capital, investment banking, system integration, academia, science, legal, policy, private industry and executives from the Federal Government, including civilian, intelligence and military professionals. Showcase's objective is to increase awareness of innovative solutions that may lead to an investment in, or the purchase of, advanced technologies that will help secure our nation's critical infrastructure and command-and-control systems. SINET Workshops deliver critical knowledge, targeted perspective and opportunities for direct information sharing between entrepreneurs and security experts. Held in conjunction with IT Security Entrepreneurs Forum and Showcase, each workshop offers expert insight from industry and government officials, venture capitalists, leading researchers and successful entrepreneurs who share thought leadership, experience and "know how." There is no comparable opportunity to learn how to navigate the Federal Government sector, and to obtain the necessary financing, professional services and guidance needed to win

Security Innovation Network (SINET) Announces Its 2014 Top 16 Emerging Cybersecurity Companies (Yahoo! Finance) The Security Innovation Network™ (SINET), an organization focused on advancing Cybersecurity innovation through public-private collaboration, announced today the winners of its annual SINET 16 competition. The companies, which were selected from a pool of 180 applicants from around the world, represent a range of Cybersecurity solution providers who are identifying cutting-edge technologies to address Cybersecurity threats and vulnerabilities. The selected companies will share their work with buyers, builders, investors and researchers during the SINET Showcase on Dec. 3 — 4, 2014 at the National Press Club in Washington, DC

Products, Services, and Solutions

Bank-backed security utility service to serve all industry sectors (CSO) Soltra Edge is a free, standards-based communications network that connects public and private cyberthreat intelligence providers with enterprise security technology platforms that can put this information to use

Defense contractors fighting cyber threats can share information through new Information Security and Analysis Center (AL.com) The hacking of Sony's computer networks has again focused attention on the growing cyber security problem in America

One-Stop-Shopping for Cyber Security Compliance & Insurance Solutions —from Red Flags to NIST & Reg S-ID — Offered by New Global Team, CyberInsure Solutions (PRWeb) There's now a single-stop solution for companies facing cybersecurity compliance and insurance requirements — from FTC Red Flags to SEC Regulation S-ID; HIPAA cyber compliance to federal Interconnection Security Agreements (ISAs); and NIST to FERC guidelines: CyberInsure Solutions

ThreatMetrix Protected 10 of the Top 20 Online Retailers Against Fraud During Cyber Week (PRWeb) Data from the ThreatMetrix® Global Trust Intelligence Network Identified an Increase in Mobile Spending and Consumers Returning to Trusted Websites

Microsoft focuses on Azure security in cloud race against AWS (TechTarget) Microsoft is working to improve Azure security, but analysts say Amazon Web Services is still in the lead when it comes to cloud security capabilities

Pulse Workspace Delivers App Containerization for Android (The VAR Guy) Pulse Secure released its new app-containerization solution for Android devices, including those running Android 5.0 Lollipop

SentinelOne Updates Endpoint Detection, Response Platform (eWeek) Available with subscription pricing based on a per endpoint per year basis, EDR also generates forensic reports, among other expanded capabilities

Sookasa Integrates with Dropbox for Business to Power Productivity and Security (PRWeb) Sookasa's integration with Dropbox for business provides a seamless joint solution for cloud storage, encryption, and compliance needs

Cimcor Unveils New Website for CimTrak (PRWeb) The new CimTrak site has a responsive design which makes it mobile-friendly and easier for users to navigate

Bank-funded cyber info sharing software released (The Hill) Cyber threat info-sharing software developed with backing from major banking trade groups is now widely available. The software, Soltra Edge, is built to collect cyber threat information from myriad sources and convert it into a standard, readable format for companies. The software was funded by banking industry groups

DB Networks Boosts Capabilities of DBN-6300 (Top Tech News) DB Networks Expands Into Intelligent Continuous Monitoring with the DBN-6300, Powered by Machine Learning & Behavioral Analysis -- The DBN-6300 is already providing companies with the actionable intelligence and situational awareness to vastly improve their data center security posture

Lumension Releases Endpoint Management and Security Suite v8.1 (PRWeb) New release enhances the workflow for improved efficiency and manageability of patches, and expands platform and agent support

Cyber Security for National Infrastructures (Israel Defense) Nation-E has launched its new Energy Cyber Security Center at a ceremony attended by the President of Israel

Covata and NSC Global Announce First Joint Customer Project with T-Systems Subsidiary of Deutsche Telekom (Yahoo! Finance) Covata Limited (CVT.AX) and reseller partner NSC Global today announced its first major joint project, which delivers on the companies' existing partnership, inked earlier this year. The project advances the European go-to-market strategy for the Covata Platform and marks the first major milestone in working towards a contractual agreement with T-Systems, a subsidiary of German based ICT Company Deutsche Telekom

Technologies, Techniques, and Standards

The Case for Bringing Your Own Encryption to Microsoft's Cloud (Redmond Channel Partner) The public cloud and third-party encryption offerings from Microsoft provide partners a key opportunity to do their customers a real service

How to prevent IoT nightmares (Information Age) As more and more devices connect to enterprise networks, businesses can expect more cyber attacks

Digital Forensics Can Use Facebook to Solve Cases (Baseline Magazine) Given the complexity of data in various mobile devices, clouds and social media, many nontraditional sources must be examined during a forensic investigation

Should Chief Marketing Officers be involved in security and privacy decisions? (CSO) In a report issued today by PricewaterhouseCoopers, the management consulting firm urged Chief Marketing Officers to get more involved in data protection

Protecting your child's digital identity (Help Net Security) Each day, as infosec professionals, we dedicate ourselves to protecting our client's most valuable assets. We spend countless hours focused on keeping data, intellectual property, systems and files out of the hands of cyber criminals. Our clients win and we win — at work. But what are we doing about protecting our most valuable assets at home — our children's digital identity?

Marketplace

As data breaches grow, so do dollars into cybersecurity startups (St. Louis Business Journal) As data breaches continue to hit businesses large and small, venture capitalists have dumped more money into startups looking to fix the problem

Study Shows Costs of Cyber Incidents From Insurer's Perspective (SecurityWeek) Cyber risk assessment and data breach services company NetDiligence published a new study on Monday focusing on the costs incurred by insurance underwriters due to cyber incidents

Why Splunk (SPLK) Stock Might be a Great Pick (Zacks) One stock that might be an intriguing choice for investors right now is Splunk, Inc. (SPLK - Snapshot Report). This is because this security in the Internet Software industry space is seeing solid earnings estimate revision activity, and is in great company from a Zacks Industry Rank perspective

NICE and Customers Sweep Up Eight Homeland Security Awards From Government Security News (IT Business Net) NICE named best vendor in three categories: Intelligent Video Surveillance, Forensic Software, and PSIM Solution

Raytheon Hunts for 100 Cyber Security Specialists (Insider Media) US defence contractor Raytheon Company has embarked on a recruitment drive to hire 100 staff for its planned cyber innovation centre in Gloucestershire

Bugcrowd Adds Security Industry Veteran Kymberlee Price to Bolster Researcher Crowd Development, Manage Explosive Growth (PRNewswire) Bugcrowd, the innovator in crowdsourced security, today announced a significant addition to its team with the hiring of Kymberlee Price as its Senior Director of Operations. In this role, Price will be responsible for optimizing Bugcrowd's performance for both its customers and researchers and helping its more than 13,200 Crowd members with ongoing skill development, education and overall participation in Bugcrowd's programs

Exclusive: Intel Security CTO Michael Fey joins Blue Coat as COO (Reuters) Michael Fey has left Intel Security Group to become chief operating officer at Blue Coat Systems Inc, a privately owned network security company

Research and Development

U.S. intelligence agency to develop superconducting computer (Reuters via the Toronto Sun) The U.S. intelligence community has launched a multi-year research project to develop a superconducting computer, awarding its first contracts to three major technology companies

Electron pairs on demand (Nanowerk News) In quantum optics, generating entangled and spatially separated photon pairs (e.g. for quantum cryptography) is already a reality. So far, it has, however, not been possible to demonstrate an analogous generation and spatial separation of entangled electron pairs in solids. Physicists from Leibniz University Hannover and from the Physikalisch-Technische Bundesanstalt (PTB) have now taken a decisive step in this direction. They have demonstrated for the first time the on-demand emission of electron pairs from a semiconductor quantum dot and verified their subsequent splitting into two separate conductors

Security Patches, Mitigations, and Software Updates

About the security content of Safari 8.0.1, Safari 7.1.1, and Safari 6.2.1 (Apple Support) This document describes the security content of Safari 8.0.1, Safari 7.1.1, and Safari 6.2.1

IBM fixes serious flaw in Endpoint Manager for mobile device management (Network World) A vulnerability in the IBM Endpoint Manager for mobile devices could allow attackers to execute malicious code on the servers used by companies to manage devices

VMware new and updated security advisories (Internet Storm Center) Today VMware has released the following new and updated security advisories

VMware warns of vCenter cross-site-scripting bug (Register) Six quick fixes flicked to give vAdmins Friday snits

Microsoft slates 7 security updates for next week, resurrects Exchange fix (Computerworld) Microsoft today announced it will release seven security updates on Tuesday, three of them critical, to patch Internet Explorer (IE), Windows, various pieces of the Office suite, and the SharePoint and Exchange server software

Upcoming Adobe Reader, Acrobat Update to Patch Sandbox Escape (Threatpost) Adobe is expected to update its Reader and Acrobat software next Tuesday as part of its scheduled security updates, and the updates likely include patches for a Reader vulnerability disclosed this week by Google's Project Zero

Cyber Attacks, Threats, and Vulnerabilities

Sony Hack Spreads to Auditing Firm Deloitte (Hollywood Reporter) A 2005 spreadsheet detailing employee salaries at the New York-based firm was found among the Sony files, according to Fusion. Meanwhile, the studio says the investigation into the source of the attack is ongoing

Sony hack fits pattern of recent destructive attacks (Christian Science Monitor) The ferocity of the Sony Pictures attack took the technology world by surprise. But it has similarities to other destructive hacks. Among other things, the Sony malware relied on the same commercial software to access and erase Sony hard drives as was used in a destructive attack on oil giant Saudi Aramco in 2012

Sony Hackers Knew Details Of Sony's Entire IT Infrastructure (Dark Reading) While trying to simultaneously recover from a data breach and a wiper attack, Sony watches attackers publish maps and credentials for everything from production servers to iTunes accounts

Did North Korea Really Hack Sony? (Bloomberg) Could it have been an inside job? Perhaps a disgruntled employee with a thumb drive, like Edward Snowden? PLUS: New details of the attack itself from a leaked FBI report

Amid debate, cyber experts cite similarities between Sony attack and 2013 hacks on South Korea (Fox Business) Some cybersecurity experts say they've found striking similarities between the code used in the hack of Sony Pictures Entertainment and attacks blamed on North Korea which targeted South Korean companies and government agencies last year

Sony Pictures malware tied to Seoul, "Shamoon" cyber-attacks (Ars Technica) Elements of the attacks show a common playbook — and possibly a common toolkit

North Korea's Kim gives Hollywood a taste of cyber war (with video) (Vancouver Sun) North Korea is showing how much damage this new form of conflict is capable of inflicting

North Korea denies Sony hack that exposed 47,000 personal records (ComputerWeekly) North Korea has officially denied responsibility for hacking Sony Pictures Entertainment, an act that crippled the company's network and exposed the personal details of 47,000 people

How to defend against a Sony hack (San Diego Union-Tribune) Some security researchers speculated that North Korea was behind the Sony Pictures breach — a sign of more nation-state cyber attacks. Sony was scheduled to release a comedy about TV journalists recruited to assassinate North Korea's leader

Cylance Report: Iranian Hackers Took Control of Airports, Targeted Airlines (Travel Pulse) According to a report released by American cyber security firm Cylance on Tuesday, an Iranian cyberattack known as "Operation Cleaver" took control over airports in three different countries and compromised more than 50 organizations across more than a dozen countries

UAE among targets of Iranian hackers, investigators say (The National) Hackers working for Iran have targeted at least 50 companies and government organisations, including institutions in the UAE

No ordinary mobile attack: The Regin menace (CSO) When you read about security attacks involving mobile network technology, typically they're incidents that target mobile devices used by consumers

Why 'Regin' Malware Changes Threatscape Economics (Dark Reading) Never before have attackers been able to deploy a common malware platform and configure it as necessary with low-cost, quick-turnaround business logic apps

Private-sector computer networks are becoming increasingly vulnerable to destructive cyberattacks (Washington Post) Dangers are growing in cyberspace. Not only are thieves learning to siphon off millions of credit card numbers and e-mail addresses but elaborate pieces of malware are capable of spying on whole organizations for long periods of time, capturing computer screens, keystrokes and data, transmitting it all to distant servers without being detected

Cyber Commander Expects Damaging Critical Infrastructure Attack (SIGNAL) The U.S. response entails multiple government organizations

DeathRing, a new Pre-loaded mobile trojan in the wild (Security Affairs) The number of Pre-loaded mobile trojan in the wild is increasing, DeathRing is the last one discovered by the experts at Lookout firm

Warning! Android phones coming with Pre-Installed malware, Which is non-removable (Hackers News Bulletin) In this Android World, everyone having that, but one thing still matters in these latest Android Phone from where its manufacturing is, as this question comes into rise when anyone found a Malware inside his/her phone, which is sending your personal info to an Anonymous IP Address, exactly I am talking about the Spying or Infecting your device remotely

T-Mobile Update for Samsung Galaxy Note 4 Contains Malware (Hack Read) The last few days have seen an upheaval on tech forums about applications that install themselves in an unauthorized and almost sneaky way, getting unbelievable access and permissions without the phone owner even knowing it

IBM: Hackers can use security hole in social logins to impersonate users on sites like Nasdaq and Slashdot (VentureBeat) IBM's X-Force Application Security Research team says hackers can easily exploit social logins using Facebook or LinkedIn to gain access to another site, like SlashDot.org and Nasdaq.com

Hacking Hollywood: SAG-AFTRA members warned about payroll data breach (CSO) Actors, as well as television and radio artists, have been told to watch their wallets

All PayPal accounts were 1 click away from hijacking (Naked Security) Until Egyptian cyber-security researcher Yasser Ali found it and reported it to PayPal, there was a security hole that meant 150 million-plus customers were one measly click away from account hijacking

Banks: Credit Card Breach at Bebe Stores (KrebsOnSecurity) Data gathered from several financial institutions and at least one underground cybercrime shop suggest that thieves have stolen credit and debit card data from Bebe Stores Inc., a nationwide chain of some 200 women?s clothing stores

Local government websites affected by global cyber attack (Mountain View Voice) A global cyber attack Monday shut down web access to agendas, minutes and video for numerous Bay Area government agencies, including Mountain View

Ransomware is the Future of Consumer Cybercrime (Threatpost) It's 2020, bitter cold outside, you're running late for work, and the Linux box that controls your car isn't going to start unless you wire $20 worth of Bitcoin to an increasingly business-like criminal enterprise operating out of Eastern Europe

Sifma raises cost and security concerns over Finra's CARDS project (FierceFinanceIT) The Securities Industry and Financial Markets Association (Sifma) says the Financial Industry Regulatory Authority's (Finra) proposed "CARDS" program will impose high costs on the industry and open up new cyber security risks. In a comment letter sent to Finra this week, Sifma said its concerns are supported by two separate studies the industry trade group commissioned

After Multiple Reports Of Cyberbullying, After School Disappears From The App Store (TechCrunch) Another haven for cyberbullying is gone. The app After School we reported on yesterday is no longer available in the Apple App Store. It's unclear at this time if it was pulled by Apple or taken down by the publisher

Litigation, Investigation, and Enforcement

Kaspersky: "We have never been asked to whitelist malware" (ITPro) A company blog has revealed neither government nor any other entity has asked it to stop detecting malware

Justice Department Plans New Cybercrime Team (NPR) The leader of the Justice Department's criminal division is expected to announce today the creation of a new unit to prevent cybercrime and work alongside law enforcement, private sector companies and Congress

St. Paul judge allows banks' suit to proceed against Target (Minneapolis Star-Tribune) Banks say data breach cost them tens of millions of dollars

US Marshals Complete Second Auction Of Silk Road Bitcoin (TechCrunch) The US Marshals Service has completed the second auction of Bitcoin seized from the original Silk Road. The auction, consisting of 50,000 BTC, is the latest in a seized BTC sell-off that began in June

76 Chinese Nationals Could Be Behind Hacking Of Accounts And Other Cyber-related Crimes In Kenya (Ghafla!) The country was shell-shocked when 76 Chinese nationals were flushed out of a house in Runda, thanks to the fire that broke out at the house killing one of them and attracting the attention of security officers

Former college professor/FBI informant indicted on federal charges of credit card fraud, identity theft (Cleveland Plain Dealer) A former college professor and FBI informant currently serving a four-year sentence in federal prison for mortgage fraud was indicted Tuesday on charges of operating an identity theft and credit card fraud scheme

German Court Blocks Extradition of "World's Number Two" Hacker to U.S. (Tripwire: the State of Security) Germany's highest court has blocked the extradition of a man accused of having stolen over $60 million in a number of massive global card heists to the United States

To Get Off Russia’s Blacklist, GitHub Has Blocked Access To Pages That Highlight Suicide (TechCrunch) GitHub is slowly navigating the tricky waters of Internet censorship in Russia, using its own platform to track how it's doing it in an effort to remain transparent, but also agreeing to block pages that the regulator says offend content regulations

Design and Innovation

How Startups Can Jumpstart Security Innovation (Dark Reading) One of the best places for CISOs to turn for a cutting-edge cyber security strategy is the burgeoning world of startups. Here's how to find them

One Weird Trick to Stop Facebook Hoaxes (Slate) The social network could be a force for truth — if it wanted to be