The CyberWire Daily Briefing 02.26.14

Cyber Trends

Cybersecurity threats against aviation on the rise (FierceITSecurity) Cybersecurity threats targeting airports, airlines and air traffic control systems are on the rise, creating a $1.7 billion opportunity for IT security providers this year, estimates market research firm Visiongain

Grayware: Casting a Shadow over the Mobile Software Marketplace (Symantec) One of the most problematic areas in mobile security today is "grayware." The dividing line between legitimate software and malware is not clearly drawn and grayware often occupies this murky middle ground

Is Cyber Resilience the Future of Cyber Security? (IT Governance Blog) Forward thinking leaders, including Alan Calder, founder of IT Governance Ltd, predict that "cyber resilience will become a big thing in the next 5 years"

Nearly half of companies assume they have been compromised (Help Net Security) A majority of organizations are operating under the assumption that their network has already been compromised, or will be, according to a survey conducted by the SANS Institute on behalf of Guidance Software

New Survey Indicates Rise Of Data Loss In Education Sector (Information Security Buzz) Almost half of respondents to a survey by iStorage at education technology show Bett 2014 reveal losing portable storage devices containing confidential data

IT leaders indifferent to unknown threats generated by mobile, cloud technology (FierceITSecurity) IT leaders are not concerned about unknown security threats generated by BYOD, mobility, cloud computing and Internet usage, according to a survey of 1,440 global IT leaders by Vanson Bourne on behalf of Dell

Australian companies are world's second most-attacked: Fortinet (CSO) Customers in Australia comprised a third of all malware victims reported to security research facility FortiGuard Labs during 2013, according to new figures in Fortinet's 2014 Threat Landscape Report

Legislation, Policy and Regulation

White House Weighs Four Options for Revamping NSA Phone Surveillance (Wall Street Journal) Proposals range from running program through phone companies to ditching it altogether

Le rapport interministériel sur la cybercriminalité à nouveau reporté (PCINpact) Avec trois mois de retard sur le calendrier initial, les conclusions du groupe de travail interministériel sur la cybercriminalité seront remises au gouvernement la semaine prochaine. Jean-Marc Ayrault en a fait l'annonce ce matin, lors de l'inauguration des nouvelles installations de l'Agence nationale de la sécurité des systèmes d'information

DHS intelligence nominee pledges to provide industry better threat data (Inside Cybersecurity) Francis Taylor, the White House's nominee to be the Department of Homeland Security's under secretary for intelligence and analysis (I&A), said Tuesday that if he is confirmed by the Senate he will improve the threat information that DHS provides industry

NATO debates policy for cyber defense of public and private sectors (Inside Cybersecurity) The prospect that NATO might formally do more to prevent and mitigate cyber threats to governments and critical infrastructure looms this week as the alliance prepares for a defense ministerial in Belgium that will pave the way for a major fall summit in Wales

Products, Services, and Solutions

Fighting malware with malware logic, Shape Security secures $40M (VentureBeat) Shape Security adopts one of malware's key strategies — altering its code to avoid detection — to protect enterprises from cyberattacks. It calls its product ShapeShifter

Damballa Addresses Advanced Threat Protection with HP (Yahoo Finance) Damballa, the experts in advanced threat protection and containment, today announced technology interoperability with HP that provides enhanced visibility of advanced threats within a network, automating and streamlining prevention and remediation. As a result, enterprises can reduce time to containment and the manpower required to keep up with advanced threat

Booz Allen Unveils New Approach to Address Reform; Angela Zutavern Comments (Executive Mosaic) Booz Allen Hamilton has rolled out a program designed to help enterprises deal with what Angela Zutavern, vice president and Strategic Innovation Group leader, terms as the "new normal" of constant change associated with reforms and compliance

RSA announces Managed Security Partner programme (Computer Weekly) RSA, the security division of EMC, has announced a programme designed to enable a new generation of managed security services

Skybox Security Announces Skybox View Enterprise Suite 7.0 (Fort Mill Times) Skybox Security, the leading provider of risk analytics for cyber security, today announced the achievement of a record milestone for integrations with network devices and security management systems, continuing Skybox Security's lead as the most comprehensive context-aware analytics solution for enterprise IT security

Blue Ridge® Networks and AOL Partner to Bring AOL Tech Fortress Powered by AppGuard® to AOL Members (PRNewswire) Blue Ridge Networks, a leading provider of cybersecurity solutions to government, enterprises and consumers, today announced that AOL has commenced distribution of AOL Tech Fortress powered by AppGuard to its members

Guidance Software and Blue Coat Join Forces to Provide a 360-Degree View of Advanced Threats and Security Risks (Wall Street Journal) Guidance Software, Inc. (NASDAQ:GUID), the World Leader in Digital Investigations™, and Blue Coat Systems, Inc., the market leader in business assurance technology, today announced that they are partnering to deliver a groundbreaking approach for detecting evasive cyber threats. The partnership will integrate EnCase® Cybersecurity with the Blue Coat Security Analytics Platform to provide an unprecedented level of visibility into both network traffic and endpoint devices that will enable enterprises to close the gap between breach and detection

WhitePages Current For Android Now Protects Against "One Ring" Scam (TechCrunch) WhitePages Current, a free Caller and text identification application for Android users, has been updated today to counter the plague that is the "one ring scam." In case you're unfamiliar, scammers are now trying to exploit smartphone owner's "missed call" screen by programmatically dialing thousands of numbers per hour, all of which they immediately hang up on after just one ring

Free vulnerability management service for SMBs (Help Net Security) Tripwire debuted Tripwire SecureScan, a free, cloud-based vulnerability management service for up to 100 Internet Protocol (IP) addresses on internal networks

Free cloud anti-spam email service for small businesses (Help Net Security) Halon Security announced Inumbo.com, a contract-free, pay-as-you-go cloud anti-spam email service for small businesses

Identify and fix vulnerabilities in your SSL certificates (Help Net Security) DigiCert announced DigiCert Certificate Inspector, a tool designed to quickly find problems in certificate configuration and implementation, and provide real-time analysis of an organization's entire certificate landscape, including SSL termination endpoints

Cisco Quantum Virtualized Packet Core Demonstrates Industry-Leading Portability, Enabling Service Providers to Offer Mobile Internet Services (Wall Street Journal) At the GSMA Mobile World Congress 2014, Cisco (NASDAQ: CSCO) today announced that its Cisco Quantum(TM) Virtualized Packet Core (Quantum vPC), a software solution of the new Cisco Evolved Services Platform

FireEye launches security platform with 24/7 threat monitoring (ZDNet) FireEye has launched a managed defense subscription service to give enterprise users 24x7 continuous monitoring against cyberattacks

First Anti-Mobile Malware Diagnostics Solution Is NOW Available (Information Security Buzz) Cellebrite, the leading provider of retail mobile data solutions, and Webroot, a leader in cloud-based security intelligence solutions, today announced a technology partnership

A Closer Look At Blackphone, The Android Smartphone That Simplifies Privacy (TechCrunch) One of the more interesting devices here at Mobile World Congress is Blackphone: a pro-privacy handset being developed by Spanish startup Geeksphone, in partnership with U.S. security company Silent Circle using a "security-oriented" Android build called PrivatO

Veracode Launches Software Composition Analysis Service (Dark Reading) Integrates software composition analysis (SCA) with application security analysis in a cloud-based platform

Technologies, Techniques, and Standards

Cloud security tools only half the battle against shadow IT (TechTarget) A majority of businesses reported they bypass corporate IT departments to deploy cloud services; what are IT pros to

Not Your Typical Hackathon: Symantec's Cyberwar Simulation Transforms Employees into Criminals (Fast Company) For years, tech companies have turned to hackathons to rapidly build new products, foster team bonding, spur innovation—and squeeze out extra man hours from employees. But at Symantec's Mountain View, Calif., headquarters last week, the security software company hosted a different kind of hackathon: Employees were tasked with breaking into a fictitious bank

ICANN SSAC on DDoS, DNS and BCP 38 (Spamhaus) ICANN's Security and Stability Advisory Committee (SSAC) document Advisory on DDoS Attacks Leveraging DNS Infrastructure, published this week, provides a much-needed touchstone for the Internet in its current state. DDoS attacks, such as the one directed at Spamhaus last spring, continue to grow in size

Marketplace

BlackBerry's Chen Would Consider BBM Sale, Spinoff in Future (Bloomberg BusinessWeek) BlackBerry Ltd. (BBRY:US) Chief Executive Officer John Chen said he'd eventually consider spinning off or selling the smartphone maker's BlackBerry Messenger service once he's built it into a more formidable competitor

IBM Buys Cloudant, Eyes Amazon's Turf (InformationWeek) IBM's planned Cloudant buy will advance cloud-based database services, but can the underlying database compete against Amazon DynamoDB, MongoDB, Couchbase, and DataStax

Mt.Gox has VANISHED. So where have all the Bitcoins gone? (The Register) Rumours swirl of buyout, 750,000 AWOL BTC

Bitcoin's life-or-death moment (BBC) Like many, I am gripped by the concept of Bitcoin. I am not talking about the value of the individual bits of the new virtual currency, which has had a somewhat volatile history and is currently spiralling down

Mt Gox is dying. That's a good thing for Bitcoin. (The Week) Bitcoin can do better than an overwhelmed website formerly known as a hub for trading Magic the Gathering cards

The bitcoin industry embraces what it was built to avoid—rules and regulation (Quartz) Bitcoin was designed to be unregulated by any government or central authority. But according to some of the cryptocurrency's biggest supporters, the crash of the prominent bitcoin exchange Mt. Gox is the latest sign that bitcoin needs to adopt some sort of oversight if it is going to survive and thrive

Panda Security Positioned As "Visionary" in of Gartner's Magic Quadrant for Endpoint Protection Platforms (PRWeb) Company moves from 'Niche Players' to 'Visionaries' Quadrant

Working with security customers and vendors (TechDay) Hamish Soper, Check Point Software Technologies New Zealand country manager looks at strategies to create real value for customers when selling security

Emanuele Conti Named Kroll CEO; Charlie Gottdiener Comments (Executive Mosaic) Emanuele A. Conti, Dun & Bradstreet North America president, will become the chief executive at Kroll Inc., effective April 1. Conti will be responsible for all operations at Kroll, a global provider of cybersecurity solutions, data, information and ediscovery services, the company announced Monday

CSG Invotas Introduces Board of Advisors (Wall Street Journal) CSG Invotas, the exciting new enterprise security business from CSG International, Inc. (NASDAQ: CSGS), today announced the addition of two new members to its advisory board

Cyber Defense Magazine Names RiskVision Most Innovative Risk Management Product of 2014 (Herald Online) Agiliance®, Inc., the Big Data Risk Company™ and leading independent provider of integrated solutions for Operational and Security Risk programs, today announced that Cyber Defense Magazine (CDM) has named RiskVision™ Most Innovative Risk Management Product in its 2014 Most Innovative InfoSec Awards competition

How investors should play the cybersecurity war (CNBC) As companies and governments battle to protect their systems from the threat of online attacks and malware, Bank of America Merrill Lynch has published a list of stocks that could gain from the global drive to improve cybersecurity

Research and Development

DARPA Targets Counterfeit Electronics (InformationWeek) Defense Advanced Research Projects Agency's SHIELD program aims to develop a method to authenticate electronic components

DARPA seeks to automate battlefield decision aids (GCN) Today's battlefield commanders have a spectrum of flexible and powerful tools, including manned and unmanned platforms, weapons, sensors and electronic warfare systems that interact over robust satellite and tactical communications links

Google's Schmidt: We don't (yet) have a connection inside your brain (C/Net) Google's Schmidt: We don't (yet) have a connection inside your brain. In conversation with Glenn Beck, Google's executive chairman explains that humans can still occasionally be useful — for now

A New Laser for a Faster Internet (California Institute of Technology) A new laser developed by a research group at Caltech holds the potential to increase by orders of magnitude the rate of data transmission in the optical-fiber network—the backbone of the Internet

Security Patches, Mitigations, and Software Updates

Apple releases OS X 10.9.2 patching SSL vulnerability and updates Safari (Internet Storm Center) Apple has released an update for OS X which patches the SSL vulnerability discussed by Rick on Sunday. For more information visit Apple's page about it. In addition, Apple has also released a security update for Safari and QuickTime

If You Haven't Updated to iOS 7.0.6, Do it NOW so You Don't Get Hacked (Complex Tech) "It's as bad as you could imagine, that's all I can say," Johns Hopkins University cryptography professor, Matthew Green, told Reuters

Microsoft testing EMET's new protection mechanisms (Help Net Security) Just as researchers made public their successful attempt of creating attack code for bypassing the protections of the latest version of Microsoft's Enhanced Mitigation Experience Toolkit (v4.1), the Redmond giant has announced the preview release of EMET 5.0

Cyber Attacks, Threats, and Vulnerabilities

Official websites of WWF and Earth Hour Philippines Hacked by Indonesian hackers (HackRead) The official websites of World Wildlife Fund (WWF) and Earth Hour Philippines have been hacked and defaced by Indonesian based hacking group Gantengers Crew

Hacktivists Target Philippines Government Sites in Protest Against Cybercrime Law (Softpedia) Anonymous hackers have once again targeted several websites of the Philippines government. The hacktivists are protesting against a provision of the Cybercrime Prevention Act that violates freedom of speech

Scientists demonstrate first contagious airborne WiFi virus (PhysOrg) Researchers at the University of Liverpool have shown for the first time that WiFi networks can be infected with a virus that can move through densely populated areas as efficiently as the common cold spreads between humans

Mac users warned against using public Wi-Fi networks (MacWorld) Connecting to unsecured networks not advisable for Apple users until patch is released for vulnerability

Mac malware spread disguised as cracked versions of Angry Birds, Pixelmator and other top apps (Graham Cluley) Mac users are warned not to download pirated software from file-sharing peer-to-peer networks, as ESET researchers have discovered Bitcoin-stealing malware being spread via cracked apps. Learn more in my article on the We Live Security blog

British Airways e-ticket malware attack launched via email (WeLiveSecurity) If you have received an unexpected email, claiming to come from British Airways, about an upcoming flight that you haven't booked — please be on your guard

IE Zero-day Exploit Being Used in Widespread Attacks (CIO) The exploit is being distributed from many compromised websites around the world, researchers from Symantec said

Dissecting the newest IE10 0-day exploit (CVE-2014-0322) (Bromium Labs) Few days ago the news about a fresh Internet Explorer 10 zero-day exploit popped up. Now the exploit code is publicly available and we managed to analyze the vulnerability and find out some details that were not mentioned so far. At the time of writing this blog, this exploit is still unpatched

ZeuS KICKS that SaaS: Trojan raids Salesforce.com accounts (The Register) Miscreants have forged a variant of the infamous ZeuS banking Trojan that targets enterprise data held by clients of CRM giant Salesforce.com

Android Botnets Hop on the TOR Train (Malwarebytes Unpacked) Botnet creators have attempted numerous tactics for hiding their presence, traffic and locations of their command and control (CnC) servers

EC-Council Says Its Servers Haven't Been Hacked (Softpedia) The EC-Council denies that its website has been hacked. The organization says that the hacker simply redirected the site's visitors via a DNS hijack to a defacement page hosted with a company located in Finland

Are you sure you want to unsubscribe from our mailings? (SecureList) Spammers are relentless in their attempts to bypass anti-spam filters and confuse recipients of spam. Recently we detected a mass mailing disguised as an automated reply to a request to unsubscribe from a news blog. The authors noted their regret at losing one of their subscribers and asked if the user really wanted to unsubscribe

Non-profit tax forms posted by IRS expose 630,000 SSNs (Help Net Security) An estimated 630,000 social security numbers (SSNs) on non-profit organizations' tax returns—Form 990s—have been posted online by charities and the IRS since 2001, leaving unprotected consumers at risk

How a founder almost lost his entire startup to social engineering (FierceCIO: TechWatch) The co-founder of a tech startup recently shared the story of how he almost lost access to his company's online service, which was hosted entirely on Amazon's EC2 cloud infrastructure. This was an almost eerie reenactment of what happened to a developer who lost his $50k Twitter account, with the only exception being that disaster was averted in this instance—though only narrowly so

Dubai residents falling victims to sexual blackmail via social media (Emirates 24/7) Professional gangs lured men to appear naked in the front of webcams, recorded scenes and then blackmail them

Wot a COCKUP: Poorly NHS websites spawn SPAMMY VIAGRA ads (The Register) Up to individual orgs to deal with security, sniffs HSCIC

Stolen Laptop Exposes 1,100 Indianapolis Hospital Patients' Data (eSecurity Planet) The unencrypted laptop contained patients' names, birthdates, genders, dates of service, types of service and physician names

Memphis Police Department Acknowledges Year-Old Data Breach (eSecurity Planet) An undisclosed number of Social Security numbers and driver's license numbers were exposed in April of 2013

Academia

MSU makes top three in cybersecurity education ranking (Mississippi Business Journal) According to a Hewlett Packard-sponsored survey by the Ponemon Institute, Mississippi State University's cybersecurity courses and degree programs rank among the top three for academic excellence and practical relevance

Litigation, Investigation, and Enforcement

NSA watchdog: Snowden should have come to me (Politico) The National Security Agency's top watchdog slammed Edward Snowden on Tuesday for failing to follow official protocol in relaying his concerns about wayward intelligence gathering and also faulted Congress for not vetting the details of post-9/11 surveillance programs

Japanese authorities looking into Mt. Gox amid US subpoena report (TechWorld) Tokyo is trying to grasp the facts surrounding the bitcoin exchange, which has been shut down

Settlement talks in landmark data-breach case postponed (Inside Cybersecurity) A federal district court has postponed for more than two months a settlement conference in a data-breach case that could determine the Federal Trade Commission's authority to require security measures

Surveillance evangelist arrested in California in bribery investigation (Ars Technica) Jose Susumo Azano Matsura wanted to expand his spying business in the US

Stoke-on-Trent man, 43, to be charged with attack on Home Office and Theresa May websites (Stoke Sentinel) Mark Lynden Johnson was arrested after Theresa May's website and the Home Office site suffered a cyber attack in 2012

Twitter restores $50,000 @N username to its owner (Ars Technica) A simple social engineering attack lost Naoki Hiroshima a very valuable handle

Two Men Jailed for Identity Theft at Medical Lab (eSecurity Planet) Angelo Ponds and Sean Guillaume were sentenced to 48 months and 94 months in prison, respectively

Design and Innovation

A Plan to Rebuild Computer Security From the Ground Up (Wired) Martin Casado once worked on some of the most secure computer networks ever built. And keeping them secure, he says, was a complete nightmare

The Fingerprint Scanner On The Samsung Galaxy S5 Will Be Accessible By Developers (TechCrunch) Samsung's Galaxy S5 includes a fingerprint scanner embedded in the home button, and that hardware will be made available to third-party devs, the company announced

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

upcoming Events

RSA Conference USA (San Francisco, California, USA, February 24 - 28, 2014) Hundreds of game-changing interactions will give you an unparalleled diversity of industry insight and information based on best practices, real implementation stories, and detailed case studies. Each year, educational sessions feature new and returning educational tracks you won't find anywhere else.

Nellis AFB - Technology & Cyber Security Expo (Las Vegas, Nevada, USA, February 26, 2014) For over 12 years, the Armed Forces Communications & Electronics Association (AFCEA) - Las Vegas Chapter and FBC have been co-hosting the Annual Information Technology Expo at Nellis AFB. As was the case last year, the 2014 event will once again have a Cyber Security theme. This is an excellent opportunity for any technology or cyber company to meet with the personnel at Nellis AFB, as well as the local AFCEA members.

cybergamut Technical Tuesday: Virtualization Technologies in Cyberwarfare (Columbia, Maryland, USA, March 11, 2014) Virtualization is often talked about in the context of cloud computing, cost savings and enterprise environments. In this talk, Jason Syversen of Siege Technologies will introduce Intel, AMD and ARM virtualization architectures and describe novel approaches to implementing virtualization technology / hypervisors for offensive and defensive cyber security applications. Case studies will be presented for malware detection, reverse engineering, code protection, security testing, stealthy code and other applications.

Reducing the Nation's Cyber Risk: White House Insights on the President's Critical Infrastructure Framework (New York, New York, USA, March 11, 2014) The Fordham School of Professional and Continuing Studies and the Fordham Computer and Information Science Department present this informative panel, open and free to the public.

Cybersecurity Tax Credits Webinar (Online, March 11, 2014) Learn about tax credits designed to help your cybersecurity company grow in Maryland. Details will be presented by Jeffrey Wells, Executive Director of Cyber Development and Mark Vulcan, Esq., CPA, Program Manager, Tax Incentives for the Maryland Department of Business & Economic Development. 2-3:00 p.m. EDT.

ICS Summit 2014 (Lake Buena Vista, Florida, US, March 17 - 18, 2014) The 9th Annual North American ICS Security Summit brings together the program managers, control systems engineers, IT security professionals and critical infrastructure protection specialists from asset owning and operating organizations along with control systems and security vendors who have innovative solutions for improving security.

Security Policy Reform Implications for Industry: Maintaining Momentum for Transformational Change (Chantilly, Virginia, USA, March 20, 2014) Join INSA's Security Policy Reform Council for Security Policy Reform Implications for Industry: Maintaining Momentum for Transformational Change at the SI Organization in Chantilly, VA. This unclassified, but sensitive Symposium will be off the record, and will bring together stakeholders from the executive and legislative branches as well as their counterparts in the private sector. Following unprecedented attention on the security clearance process in 2013, 2014 promises to be a year of consequence to a fundamental aspect of how the IC carries out its mission. This Symposium will provide attendees an opportunity to participate in the current debate and learn about future technologies that will influence security policies and procedures.

MCT-Congress: Going Mobile with Clinical Trials (Edinburgh, Scotland, UK, March 20 - 21, 2014) It is almost inevitable that mHealth solutions will be adopted across healthcare systems worldwide over the next decade. What is less clear is the impact that mobile solutions are having and could have on the clinical research process.

Fourth Annual China Defense and Security Conference (Washington, DC, USA, March 25, 2014) The Jamestown Foundation will hold its Fourth Annual China Defense and Security Conference on March 25 in Washington, D.C. In keeping with the Foundation's mission, the conference will focus on understanding China's rising military power and strategy by carefully examining Chinese-language sources. Speakers at the conference will provide an extensive overview of recent developments in military training and operations reform, and take on challenging questions in Chinese foreign policy, including considerations of the role of cyber-warfare in Chinese strategic thought.

SEC Cybersecurity Roundtable (Washington, DC, USA, March 26, 2014) The Securities and Exchange Commission today announced that it will host a roundtable next month to discuss cybersecurity and the issues and challenges it raises for market participants and public companies, and how they are addressing those concerns.

ISSA Colorado Springs — Cyber Focus Day (Colorado Springs, Colorado, USA, March 27, 2014) Join us for the Information Systems Security Association (ISSA) — Colorado Springs Chapter — Cyber Focus Day set to take on Thursday, March 27, 2014 at Colorado Technical University (CTU).

Financial Incentives for Cybersecurity Businesses (Elkridge, Maryland, USA, March 27, 2014) Learn the details and take the opportunity to ask questions of leading experts on how to apply for tax credits (Cyber Tax Credits, Research Tax Credits, Security Clearance Tax Credits, Secured Space Tax Credit) and the latest details on the Maryland Small Business Financing Authority's newest program for small businesses looking for investment dollars.

Corporate Counter-Terrorism: the Role fo Private Companies in National Security (Washington, DC, USA, March 28, 2014) The 2014 American University Business Law Review Symposium will address the growing role of corporate America in governmental counter-terrorism programs, including the bulk metadata and PRISM surveillance initiatives. John Carlin, Assistant Attorney General for National Security, will deliver the keynote. Other speakers will include current and senior officials from the Justice Department, National Security Agency, Office of the Director of National Intelligence, FBI, DHS, Google, and Microsoft.

Corporate Counter-Terrorism: the Role of Private Companies in National Security (Washington, DC, USA, March 28, 2014) The 2014 American University Business Law Review Symposium will address the growing role of corporate America in governmental counter-terrorism programs, including the bulk metadata and PRISM surveillance initiatives. John Carlin, Assistant Attorney General for National Security, will deliver the keynote. Other speakers will include current and senior officials from the Justice Department, National Security Agency, Office of the Director of National Intelligence, FBI, DHS, Google, and Microsoft.

CyberBiz Summit (Linthicum, Maryland, USA, March 28, 2014) Learn first-hand how to get your cyber business started, how to raise capital, and what to do to make it happen. Join us for four informative sessions, networking and breakfast at the BWI Westin on Friday, March 28th.