Cyber Attacks, Threats, and Vulnerabilities
New IE 10 Zero-Day Used in Watering Hole Attack Targeting U.S. Military (Security Week) Security researchers from FireEye have discovered a new IE 10 Zero-Day exploit (CVE-2014-0322) being used in a watering hole attack on the US Veterans of Foreign Wars' website
Microsoft investigating new IE9 and IE10 zero-day flaw exploited in targeted attacks (The Next Web) FireEye Labs today discovered a new zero-day vulnerability in Internet Explorer 9 and Internet Explorer 10 being exploited on a website based in the US. No user interaction is required: just visiting a compromised website is enough to trigger a classic drive-by download attack, download and install a payload from a remote server. We contacted Microsoft and the company confirmed with us that it is investigating
New zero-day bug in IE 10 exploited in active malware attack, MS warns (updated) (Ars Technica) Exploit hosted on hacked, US-based website commandeers visitors' PCs
Researchers Discover New Campaign Targeting American Military Personnel (CSO Salted Hash) Researchers, after investigating a new Zero-Day attack, have discovered a new campaign targeting American military personnel
Third of Internet Explorer users at risk from active attacks (ComputerWorld) Microsoft confirms both IE9 and IE10 contain vulnerability, urges customers to upgrade to IE11; leaves Vista users out in the cold
Vulnerabilities in home routers used for compromising bank accounts (SC Magazine) Researchers have observed attackers using DNS redirection attacks due to bugs in home routers. CERT Polska researchers have observed attackers using DNS redirection attacks — made possible due to vulnerabilities in home routers — to effectively access online banking accounts in Poland
Linksys home routers targeted and compromised in active campaign (Help Net Security) A yet undetermined vulnerability affecting certain Linksys WiFi routers is being actively and massively exploited in the wild to infect the devices with a worm dubbed "TheMoon", warns SANS
Security, functionality gaps exist in beacon deployments (FierceMobileIT) Security and functionality gaps exist in beacon deployments at retailers and other early adopters, warns Mobiquity Labs, an applied tech lab set up by mobility firm Mobiquity
Fake SSL certificates used to impersonate Facebook, Google, banks (Help Net Security) Analysts with UK-based Internet research firm Netcraft have discovered a considerable number of fake SSL certificates in the wild, created to impersonate banks, social networks, payment and ecommerce
Mac Bitcoin-stealing Trojan lurks on download sites and GitHub (Help Net Security) CoinThief, the recently discovered Bitcoin-stealing Trojan that targets Mac users, has been spotted being offered on several download websites such as CNET's Download.com and MacUpdate.com, as well as
Bogus Microsoft "Reactivate Your Email Account" emails doing rounds (Help Net Security) Phishing emails purportedly sent by Microsoft are targeting the company's customers and trying to get them to reveal their login credentials and some personal information. The given pretext is that
Fake "Track Shipments/FedEx" Emails Used to Distribute Malware (Softpedia) The emails carry the subject line "Track shipments/FedEx" and they contain information on the alleged shipment
Android apps with Trojan SMS malware infect 300,000 devices, net crooks $6m (V3) The apps reportedly infect users' handsets via a bogus permissions notification, which when agreed to instigates a complex process that forces the victim to send text messages to a premium-rate number owned by the hackers
Forbes website hacked by the Syrian Electronic Army (Graham Cluley) Once again, a well-known media establishment has fallen victim to the hackers of the notorious Syrian Electronic Army (SEA). This time it's Forbes which has "published" an eyebrow-raising headline
Tesco customers' usernames and passwords exposed by hackers (Graham Cluley) A list revealing more than 2000 usernames and passwords, belonging to owners of Tesco Clubcards, has been published on the internet raising concerns once again about how accounts are protected from online criminals
Las Vegas Sands Cites Progress on Sites After Hacker Attack (Bloomberg) Las Vegas Sands Corp. (LVS), its websites down for a third day after a cyber-attack by hackers, said it was making progress toward restoring service and repairing its internal systems in the U.S
State Says Cyber Attack 'An Orchestrated Intrusion From A Foreign Entity' (OPB) The Oregon Secretary of State's website says that a recent cyber attack appears to be "an orchestrated intrusion from a foreign entity"
How hackers stole millions of credit card records from Target (ZDNet) How did the cyberattack on Target, which resulted in the theft of millions of records, take place
Hackers circulate thousands of FTP credentials; New York Times among those hit (ComputerWorld) A list of compromised FTP credentials is circulating in underground forums
Security Patches, Mitigations, and Software Updates
ASUS Fixes Vulnerabilities in RT-N66U, RT-N66R and RT-N66W Routers (Softpedia) ASUS has released firmware updates for ASUS RT-N66U (Ver.B1), RT-N66R and RT-N66W routers. Version 3.0.0.4.374.4422 brings several improvements, but it also addresses a total of five security issues
Cyber Trends
Statistics point to increased physical danger risks of cyberterrorism (CSO) Are current laws enough to prevent the growing threat of cyber terrorists? "Traditional terrorism refers to violent acts that indiscriminately target civilians," says Jon Iadonisi, former Navy SEAL, cyber security expert and co-founder, White Canvas Group. Traditional terrorists are largely interested in achieving or thwarting political or ideological goals in the process. "Cyberterrorism invokes the specific use of computer networks to induce violence against innocent civilians," says Iadonisi
Study finds attack detection takes too long (SC Magazine) Critical shortcomings in the current approach to cyber security and incident response are putting companies at risk, with 86 percent of respondents to a Ponemon Institute study saying that it takes too long to detect a cyber attack
Some IT security pros would lie to CEO about cyberattack (FierceITSecurity) A full 36 percent of IT security pros say that they would tell the CEO and board of directors that a cyberattack had been resolved even if they didn't know that it had been, according to a survey of 1,083 IT security pros in the U.S. and Europe by the Ponemon Institute on behalf of threat intelligence provider AccessData
Work/Life Business Puts Businesses at Risk of Cyber-Attack (Fresh Business Thinking) The shifting boundaries between work and home life mean staff at many small businesses are unwittingly putting their employers at risk of cyber-attack, according to TalkTalk Business
Modern threats require better risk management (IT Web) Risk managers need to have meaningful data, to make informed decisions about processes and tools, says Simon Campbell-Young, CEO of Phoenix Distribution
Marketplace
Cyber security talent goes to the highest bidder (Computing) When former White House cyber security co-ordinator Howard Schmidt congratulated the UK government for the launch of its Cyber Security Information Partnership scheme in March 2013, he said: "What you've been able to do in two years has taken us about 17 years to do"
IAI opens cyber R&D center in Singapore (Jerusalem Post) Israeli defense corporation aims to find new techniques and technologies to provide early warnings of impending cyber attacks
DHS Hires Booz to Finish Cyberattack Drill Job (Nextgov) The Homeland Security Department has decided to extend a contract for help on a biennial cyberattack drill with Booz Allen Hamilton
BlackBerry laughs at Samsung's Knox security struggles (BGR) Let BlackBerry clue you in, Samsung: It is not to be laughed at; it is the laughter. It is the one who mocks. BlackBerry Global Enterprise Services president John Sims this week wrote up a scathing putdown of Samsung's Knox security service, which he deemed woefully inadequate compared with BlackBerry's own mobile security offerings
Products, Services, and Solutions
Google cloud platform to be HIPAA compliant, support BAAs (FierceHealthIT) Google, following up on its move late last year to enter into business associate agreements enabling its Google Apps customers to support HIPAA-regulated data, recently announced that its cloud platform will support BAAs, as well
Technologies, Techniques, and Standards
NIST cybersecurity framework: How it will impact healthcare (FierceHealthIT) In its long-awaited cybersecurity framework, the National Institute of Standards and Technology heeded the call from the American Hospital Association and others to keep it flexible and voluntary in the private sector
Privacy high on agenda for second cybersecurity framework revision (FierceGovIT) Although the National Institute of Standards and Technology backed down from including a dedicated privacy appendix in the newly released critical infrastructure cybersecurity framework, it hasn't given up on the prospect of including privacy controls in future iterations of the framework
NTIA wary of gTLD explosion (FierceGovIT) The National Telecommunications and Information Administration is concerned that new generic Top-Level Domains being made available by the Internet Corporation for Assigned Names and Numbers may not be considering consumer protections
How to keep your data safe from even a supernova (Chicago Tribune) If you're worried about whether the government, or anyone else, can read your emails, I have good news and bad news. The bad news is that a determined, well-resourced attacker will almost always find a way. The good news is that you can take basic steps to protect your privacy, and those steps most likely will make a difference
Legislation, Policy, and Regulation
Iran's supreme leader tells students to prepare for cyber war (Russia Today) Ayatollah Ali Khamenei has delivered a sabre-rattling speech to Iran's 'Revolutionary foster children' (in other words, university students) to prepare for cyber war.
NSA snooping: MEPs table proposals to protect EU citizens' privacy (Help Net Security) The European Parliament should withhold its consent to an EU-US trade deal unless it fully respects EU citizens' data privacy, says an inquiry report on NSA and EU member states surveillance of EU citizens, approved by the Civil Liberties Committee on Wednesday. It adds that data protection rules should be excluded from the trade talks and negotiated separately with the US
German official doubtful on binding no-spy deal (Washington Post) The German government's new coordinator for trans-Atlantic relations says he doubts talks aimed at securing a "no-spy" agreement with the U.S. will produce a deal that's legally binding
Low capture rate undermines rationale for bulk telephone metadata, says Sen. Blumenthal (FierceGovIT) Reports that the National Security Agency stores records of less than a third of telephone calls passing through U.S. carrier switches undermine its stated rationale for the bulk telephone metadata program, charged Sen. Richard Blumenthal (D-Ore.) during a congressional hearing
'The Day the Internet Fights Back' falls flat (Deseret News) Well, that was a dud
Interagency individual data sharing protocols unclear in implementation, says GAO (FierceGovIT) There's confusion within the federal government regarding the requirements for setting up information exchanges between agencies, finds the Government Accountability Office in a newly released Jan. 13 report
Groups defend DATA Act from OMB suggestions (FierceGovIT) A coalition of advocacy groups criticized the Obama administration for revisions it proposed to the Digital Accountability and Transparency Act in a Feb. 11 letter to the president
Litigation, Investigation, and Law Enforcement
NSA employee implicated in Snowden probe resigned, memo says (Washington Post) A National Security Agency employee has resigned from his job after admitting to FBI investigators that he allowed Edward Snowden, then an NSA contractor, to use his personal computer credentials to gain access to classified information, according to an agency memo
New global partnership to fight cybercrime (Help Net Security) Microsoft announced three new global partnerships with the Organization of American States, Europol and FIS to increase cooperation between international law enforcement and the private sector in combatting cybercrime and helping build a safer Internet
Irish research key to bringing down SpyEye creator (Irish Times) Cork-based experts help FBI track major online fraudster