Cyber Attacks, Threats, and Vulnerabilities
A Q&A with the hackers who say they helped break into Sony's network (Washington Post) Lizard Squad. That's the hacker group whose name is suddenly on everyone's lips after it took credit for ruining Christmas for PlayStation and Xbox gamers everywhere
FBI Fixated on North Korea for Sony Hack Despite New Evidence (Daily Beast) The agency says Pyongyang acted alone even as more signs point toward the attack starting as an inside job
U.S. suspects North Korea had help attacking Sony Pictures: source (Reuters) U.S. investigators believe that North Korea likely hired hackers from outside the country to help with last month's massive cyberattack against Sony Pictures, an official close to the investigation said on Monday
FBI briefed on alternate Sony hack theory (Politico) FBI agents investigating the Sony Pictures hack were briefed Monday by a security firm that says its research points to laid-off Sony staff, not North Korea, as the perpetrator — another example of the continuing whodunit blame game around the devastating attack
The Sony Hack Question: If Not North Korea, Then Who? (SecurityWeek) The prevailing narrative for the recent devastating cyber-attack against entertainment giant Sony sounds like a script: a small country angry about a movie about to be released sends a group of elite hackers to stop the film release. But some experts don't believe that's what happened
Stop Saying North Korea Didn't Hack Sony (Business Insider) At this point, anyone who doubts that North Korea helped hack Sony is disagreeing with several top cybersecurity firms and the US intelligence community
Sony hack gives cover to Iran: Column (USA TODAY) With eyes on North Korea, growing threat from Tehran gets overlooked
South Korean nuclear plant finds malware connected to control systems (Verge) After scouring their systems for evidence of a breach, workers at South Korea's nuclear regulator have discovered an embarrassing surprise: a malware-infected device connected to the air-gapped system that controls one of the nation's nuclear reactors. There's no evidence that the malware copied itself over onto the system, and there's also no indication that the program would have had harmful effects if it had made it onto the systems
Cyber Espionage Malware Taps Smartphones, Sends Chills (IEEE Spectrum) A mysterious malware campaign resembling an attack on Russian officials from earlier this year could be the most sophisticated cyberattack yet discovered
NSA Can Circumvent HTTPS, According To Snowden Report (ReadWrite) Monitoring Facebook chats and decrypting Russian email also happens
Tor, TrueCrypt, Tails topped the NSA's 'most wanted' list in 2012 (CSO) Three out of three? That could be the score for the U.S. National Security Agency's cryptographic "most wanted" list of 2012
German government denies falling victim to cyber attack (Deutsche Welle) Germany's government says its offices have not fallen prey to hackers. The malware Regin, which has been linked to US and British spy agencies, was allegedly found on a USB stick belonging to an aide of Angela Merkel
Merkel staffer's laptop infected by US/UK spy malware — report (Russia Today) An aide to the German chancellor has become the victim of a cyber-attack, according to media. The highly-sophisticated Regin virus that was found on her infected USB stick is reported to be a product of British and US spy agencies
Cyber attack on Afghan Government Websites? Was it really an attack? (Khaama) The news was big, Afghan Government websites attacked by Chinese hackers and reported by an American cyber security research company. Local newspapers and TVs started talking about the issue as if our country was attacked and intruded by China! National Security Council began investigating the issue. What happened later on, none of us really know
Fake "The Interview" app is really an Android banking trojan (Graham Cluley) The must-see movie of the moment is surely not "The Hobbit: Battle of the Five Armies", "Unbroken" or even "Paddington". No, the one movie that everyone is talking about is "The Interview"
Missing AirAsia Flight QZ 8501: Cyber-criminals minting money on your misery (Tech 2) Cyber-criminals now have a new target. They have turned their focus on exploiting the incident of the missing AirAsia Indonesia Flight QZ 8501 which had lost contact with Air Traffic Control yesterday at 7:24 a.m
Facebook Users Targeted Via Android Same Origin Policy Vulnerability (SecurityWeek) Researchers at Trend Micro say attackers are actively exploiting a vulnerability in Android's WebView browser in order to compromise Facebook accounts
Internet Systems Consortium Site Redirects to Angler Exploit (Threatpost) The Internet Systems Consortium website is offline today after the non-profit domain name service maintainer announced its website had possibly become infected with malware
64-bit Version of HAVEX Spotted (TrendLabs Security Intelligence Blog) The remote access tool (RAT) HAVEX became the focus of the security industry after it was discovered to have played a major role in a campaign targeting industrial control systems (ICS). While observing HAVEX detections (known by different vendors as Dragonfly, Energetic Bear, and Crouching Yeti), we noticed something interesting
WTF? Malware spreads via Steam chat (Graham Cluley) If you are one of the many people enjoying playing games via Steam this holiday season, be wary of chat messages inviting you to click on a link
Repackaging HTML5 Apps into Android Malware (TrendLabs Security Intelligence Blog) Predictably, with the finalization of HTML5 standard by World Wide Web Consortium (W3C) last October, there will be a rapid growth of new HTML5 web apps coming out in the near future. Considering the platform independent characteristic in web apps, we foresee that HTML5 will accelerate the repackaging from web apps to mobile apps for malicious intent
Target Hackers Hit OneStopParking.com (KrebsOnSecurity) Parking services have taken a beating this year at the hands of hackers bent on stealing credit and debit card data. This week's victim — onestopparking.com — comes compliments of the same organized crime gang thought to be responsible for stealing tens of millions of card numbers from shoppers at Target and Home Depot
"How a North Korean cyber attack could cripple Britain". The Daily Mail goes bonkers (Graham Cluley) There's nothing like serious journalism, which avoids sensationalism and instead serves up a sensible, level-headed exploration of complex issues for the edification of the public
Cyber Attack Causes Physical Damage at German Iron Plant (eSecurity Planet) The attack caused 'massive damage to the whole system,' according to Germany's BSI
Can malware and hackers really cause giant physical disasters? (Naked Security) Right back to the 1980s, when computer viruses first appeared in any number, people have been asking, "Can malware and hackers cause giant physical disasters?"
USBdriveby, how to compromise a PC with a $20 microcontroller (Security Affairs) USBdriveby is a device designed to quickly and covertly install a backdoor and override DNS settings on an unlocked machine via USB
Re-Gifting Digital Gadgets Can Lead to Identity Theft Woes (PC Magazine) If you received a shiny new gadget for the holidays, you may be thinking about passing your existing device to a new owner. It works just fine, and it's better to pass it on than to throw it away, right?
Cyber attack that blocked out Columbia's website fits in denial-of-service category (Missourian) It was about 11 p.m. on Christmas Eve when city officials became aware of a possible cyber attack on the city government website, gocolumbiamo.com. Work began immediately to resolve the issue
What the ultimate merry prankster can teach the media about hoaxes (Quartz) One of the things I love about New York is Stuyvesant High School, and one of the things I love about Stuyvesant is that Frank McCourt once taught there
That's it, we can never trust bankers again (Quartz) Are all bankers liars? Of course not. Then again
Security Patches, Mitigations, and Software Updates
Facebook Rewards Researcher For Reporting Critical Vulnerability (SecurityWeek) A researcher has found a way to upload potentially malicious code to Facebook's servers by hiding it inside a harmless-looking Microsoft Word document file
Cyber Trends
Sony Fallout: The Terrorists Win Our Networks (InformationWeek) It's time to get serious. Sony hack may mark the end of enterprise networks as we know them
The Year's Biggest Winners and Losers in Privacy and Security (Wired) In most contests the winner isn't simultaneously the loser. But that wasn't the case this past year in the unofficial contest to determine computer security and privacy winners and losers
A 2014 Lookback: Predictions vs. Reality (Dark Reading) It was a tumultuous year for cyber security, but it drove the adoption of incident response plans and two-factor authentication
Standardizing and Strengthening Security for MSPs: Five Key Takeaways (MSPMentor) MSPs face multiple challenges when it comes to the need to secure their customers in the most efficient and scalable way possible. From troublesome users to cumbersome tools to the challenges of onboarding new customers, it can be difficult to consistently and fully protect each endpoint
Marketplace
20 Startups To Watch In 2015 (Dark Reading) Check our list of security startups sure to start (or continue) making waves in the coming year
FBI seeks tech gurus for 'hacking' positions (Chicago Tribune via the Star Tribune) To battle hackers, you have to think like one
Nomura Securities Remains Bullish On FireEye (FEYE) Stock (Bidness ETC) Nomura Securities analyst Rick Sherlund has maintained a Buy rating and a $40 price target on FireEye Inc stock
BAE increases apprentice intake to new record (Telegraph) Defence group BAE Systems has hired a record 710 trainees
BAE turns its fire on tax evasion (Financial Times) With its Eurofighter jets and Bradley tanks, BAE Systems has a long history of protecting countries from military attack. But now it is building weapons to go after an altogether different enemy: tax fraudsters
Phoenix aims to become "Cyber Security Valley" (Arizona Republic) Welcome to "Cyber Security Valley," the emerging label for the Phoenix area, thanks to a concerted effort by successful and well-funded tech security leaders and government agencies
Gene Ray, Jay Cohen to Serve in Interim Exec Roles at Decision Sciences (GovConWire) Decision Sciences International Corp. has named former Titan Corp. CEO Gene Ray as interim CEO and former Department of Homeland Security Undersecretary Jay Cohen as interim chief operating officer
Products, Services, and Solutions
The Enormous Implications Of Facebook Indexing 1 Trillion Of Our Posts (TechCrunch) A whole wing of the Internet just got added to our collective conscience, like websites by Google or knowledge by Wikipedia before it
Microsoft Is Rumored To Be Building A New Browser That Is Not Internet Explorer (TechCrunch) Remember when Chrome was fast? Microsoft might, if ZDNet's Mary Jo Foley's recent report that the software company is building a lightweight browser, codenamed "Spartan," bears out
Technologies, Techniques, and Standards
Will 2015 be the year we finally do something about DDoS? (Internet Storm Center) Among the events of the past few days during the holidays was a DDoS attack on Sony's Playstation network and on Xbox Live's network. The attack was reportedly carried out by a group called Lizard Squad and by all measures is not precisely the profile of a highly sophisticated attack. Such attacks have increased in both intensity and frequency in the past year but, to an extent, are not terribly new
Is Threat Intelligence Actually Fueling Prevention? (Infosecurity Magazine) Phishing remains all too easy for today's hackers, with the latest ruse involving emails purporting to be from the World Health Organization concerning Ebola. A major problem with digital communication is that it's often difficult to differentiate between an authentic email and one that's been falsified. Basic security intelligence is championed as a crucial way of protecting business infrastructure — whether it's looking for unusual changes in URL hyperlinks or the anomalous use of certain names in email 'from' fields — as this can indicate if malicious activity is at work inside a business, or attempting to penetrate it. However, a big question is 'how much of the threat intelligence data gathered is actionable?'
What Makes a Great Risk Management Team? (Chartered Management Institute) Keeping steady hands on the corporate tiller, risk managers have very specific traits that can flourish in contrasting yet complementary ways
Information Security and Enterprise Risk: How Do They Relate? (RSA: Speaking of Security) As of 2014, information security has become a board-level concern. Senior business executives — including the president, chairman, and board of directors — are paying attention to enterprise risk and information security in a way they never have before
The Right Security Framework For Your Small Business (Tripwire: The State of Security) So you're a small business. You may be a small school district, a local restaurant chain, or even a non-profit helping your community; whatever you are though, resources are tight, especially when it comes to IT. With the tidal wave of security incidents in the news lately you are curious about how to better secure your information
Design and Innovation
Cheap randomness — real security (ZDNet) Modern cryptography protocols require real randomness. Sadly, most Random Number Generators (RNG) are pseudo-random and, therefore, hackable. Here's a cheap RNG for the rest of us
Academia
RIT cyber-security scholarship (13WHAM) The Rochester Institute of Technology has established a cyber-security scholarship program called "CyberCorps Scholarship for Service"
Legislation, Policy, and Regulation
Chinese internet users 'should accept blocking of Gmail in China': Global Times (South China Morning Post) An editorial in the Chinese newspaper Global Times this morning said Chinese internet users should accept the blocking of Gmail
Backlash in Berlin over NSA spying recedes as threat from Islamic State rises (Washington Post) In a crescendo of anger over American espionage, Germany expelled the CIA's top operative, launched an investigation of the vast U.S. surveillance programs exposed by Edward Snowden and extracted an apology from President Obama for the years that U.S. spies had reportedly spent monitoring German Chancellor Angela Merkel's cellphone
Officials Taking Aim At Cyber Risks (InsuranceNewsNet) Federal and state officials are ramping up their efforts to deal with cyber risks, a risk highlighted by the recent high-profile data breach at Sony Pictures
Litigation, Investigation, and Law Enforcement
NSA Reports to the President's Intelligence Oversight Board (IC on the Record) Late last week, in response to a Freedom of Information Act lawsuit, the NSA released reports previously submitted to the President's Intelligence Oversight Board from the fourth quarter of 2001 to the second quarter of 2013 as well as four annual reports
The NSA's Ongoing Efforts to Hide Its Lawbreaking (Atlantic) The spy agency touts its commitment to transparency and following the rules. But there are many good reasons to reject its characterizations
Kremlin critic Alexei Navalny gets suspended sentence but brother jailed (Guardian) Navalny, who led anti-Putin protests, was sentenced for embezzlement in trial seen as part of campaign to stifle dissent
What I want to say (Navalny) After all, the thing is that those sitting in the Kremlin are no longer even businesslike crooks: thieves on whom luck smiled in the form of Yeltsin, who handed them power in 1999, and who turned their good fortune into billions of dollars in Swiss accounts from the sale of our country's resources
Bitcoin Extortionist Swatting Cryptographers (Cryptocoins News) When Satoshi Nakamoto, a name widely believed to be a pseudonym for a small group, published the specifications for Bitcoin back in 2008 the effort was not widely recognized at first. One of those who did understand the implications was cryptographer Hal Finney. His early entry into mining Bitcoin provided him with the funds he and his wife Fran needed for his five-year battle with Lou Gehrig's disease