Cyber Attacks, Threats, and Vulnerabilities
What "martial law" in Thailand really means—censorship, selfies, and uncertainty (Quartz) The political discord that has shaken Thailand for months entered an uncertain new phase at dawn today, as the country's military declared martial law, granting itself broad powers to "suppress unrest" and take control of the country's public security
New 'hacker' scandal rattles Colombian presidential race (Miami Herald) A video that emerged over the weekend seems to show front-running presidential candidate Oscar Iván Zuluaga relying on classified information purportedly extracted from military intelligence and the U.S. Southern Command
Is one of the world's oldest viruses haunting the Bitcoin Blockchain? (Graham Cluley) If you're an IT greybeard you might recall the Stoned virus. It first appeared in 1987 at the University of Wellington, New Zealand, infecting floppy disks and the partition sector of hard disks
Embedded Devices Leak Authentication Data Via SNMP Community String (Threatpost) Researchers have discovered previously unreported problems in SNMP on embedded devices where devices such as secondary market home routers and a popular enterprise-grade load balancer are leaking authentication details in plain text
Heartbleed flaw lingers due to shaky response (TechTarget) More than a month after the world learned of the epic, headline-grabbing Heartbleed flaw, the severe OpenSSL vulnerability can still be found on hundreds of thousands of servers — and some other not-so-obvious spots — thanks to an inconsistent industry-wide response
More fake antivirus programs found in Google Play, Windows Phone Store (CSO) Mobile app stores lack the necessary mechanisms to prevent such scams, researchers from Kaspersky Lab said
Buggy iTunes 11.2 update opened serious security hole on Apple Macs (Graham Cluley) When Apple rolled out an updated version of Mac OS X this week I grumbled about the lack of information regarding what (if anything) was being fixed security-wise
Researchers discover critical flaws in the Chip and PIN system (Help Net Security) A group of researchers from Cambridge University have discovered two critical flaws in the "Chip and PIN" (EMV) smart card payment system that can be misused to "clone" cards so effectively that normal bank procedures won't spot the fake
Could your mobile voicemail system help hackers unlock your online accounts? (VASCO Blog) In 1993, Peter Steiner submitted a pen-and-ink cartoon to The New Yorker magazine, featuring two dogs at a desk. One of them is sitting in front of a computer screen and says to the other: "On the Internet, nobody knows you're a dog"
Malvertising Redirecting to Microsoft Silverlight Exploits (Threatpost) The fact that Netflix accounts for one-third of Internet traffic during peak evening hours, and that it runs on the Microsoft Silverlight platform, is just too tempting a combination for hackers to pass up
LifeLock pulls its Wallet apps and deletes user data after security scare (Graham Cluley) LifeLock, a firm which is supposed to help you protect yourself from identity thieves, has taken the drastic action of announcing that it is yanking its iPhone and Android apps
Rash of Recent Zero-days Linked Back to a Central Author (Infosecurity Magazine) Recent zero-day exploits can all be traced back to one exploit kit, dubbed Elderwood
Fitness apps are a "privacy nightmare", shedding personal data to the highest bidder (Naked Security) Lately, Zumba has been killing me. My right knee aches, and I swear I'll need a new hip within a few years
Kovter Adult Website Ransomware Doubles (Infosecurity Magazine) Damballa researchers warn malware redirects users to porn sites if none can be found in browsing history
When Networks Turn Hostile (TrendLabs Security Intelligence Blog) We've previously discussed how difficult it is to safely connect to networks when on the go. This is particularly true on vacations and holidays, where the availability of Internet access is one of the most important factors when looking for a place to stay. In fact, many holiday lodges and hotels today have made Wi-Fi access an integral part of their offered amenities. With all the fun and relaxation set before you, it is easy to take secure Internet access for granted
Beware of "Blackshades" (CNN via Fox2 Now) It is nicknamed "creepware," and more than half a million people around the world have been prey to its silent computer snooping
Home routers: Broken windows to the world (ComputerWorld) But it is a broken window, according to some top security experts, who say there is little that average consumers can do to protect themselves from skilled cyber attackers, even if they use rigorous passwords and encryption, because the software running the devices is obsolete and riddled with known vulnerabilities
Mid-2014 Tech Security Rundown: 5 Current Exploits Worth Knowing About (Hackers News) Since the days of the Morris worm, no computer that's connected to a public or even a private network has been safe from virus infections. Regardless of the precautions that you take, there will always be new security exploits to thwart. Being aware of the latest and greatest security exploits is the first step in combating them. Here are just a few of the security threats that have risen to prominence in recent months
Student data inadvertently posted online, accessible via Google search (SC Magazine) An undisclosed number of Pennsylvania-based Lake Erie College of Osteopathic Medicine (LECOM) students are being notified that their personal information — including Social Security numbers — was in spreadsheets that were inadvertently posted online by Hubbard-Bert, a benefits administrator for LECOM
Insider Breach Exposes 2,546 Blue Cross Blue Shield Members' Data (eSecurity Planet) Members' names, addresses, and credit card or bank account information may have been stolen by a former employee
Security Patches, Mitigations, and Software Updates
Google adds new security features to Google Apps (Help Net Security) Here is some welcome news for Google Apps Business, Government and Education customers: the company has implemented three new security features to protect them from phishing, hacking, and state-sponsored intrusions
Facebook Takes Tougher Stand Against BREACH Attack (Threatpost) The BREACH attack was the talk of Black Hat last summer. It was disclosed less than two months after the first Snowden leaks and helped renew focus on the security of online communication and the protocols guarding ecommerce and messaging
XMPP Mandating Encryption on Messaging Service Operators (Threatpost) Beginning today, the operators of instant messaging services that rely on the extensible messaging and presence protocol (XMPP) are expected to deploy encryption into the platforms they maintain
Cyber Trends
The Role of Intelligence in Network Defence (Context Information Security) The purpose of this white paper is to educate the reader on how threat intelligence can add substantial value to the security of a computer network as part of a wider cyber security strategy. The paper deals with understanding intelligence requirements, risks to an organisation's data, differentiating between threat intelligence vendors and implementing the intelligence feed to detect and investigate nefarious activity
Report on Cyber Security in the Banking Sector (New York State Department of Financial Services) Cyber attacks against financial services institutions are becoming more frequent, more sophisticated, and more widespread. Although large-scale denial-of-services attacks against major financial institutions generate the most headlines, community and regional banks, credit unions, money transmitters, and third-party service providers (such as credit card and payment processors) have experienced attempted breaches in recent years
Former NSA Director: Big Data is the Future (Nextgov) The National Security Agency has been in the business of collecting information for a long time, but technological advancements over the past decade are the primary driver of the intelligence community's ability to collect data on the grandest scale
The Surveillance State Doesn't Have to Be an Orwellian Nightmare (Motherboard) George Orwell, the sci-fi crowd, even elf-hugging J. R. R. Tolkien, warned of total surveillance powers concentrated in the hands of totalitarian spooks. Then Edward Snowden's revelations seemed to vindicate these dystopian predictions and aroused widespread recognition that our lives are becoming less and less private
Brits Most Worried About ID Theft and Bank Card Fraud (Infosecurity Magazine) Unisys research shows national security concerns pale in comparison to personal data exposure
Hiding under false sense of security (ITWeb) Many South African enterprises are labouring under the illusion that they are not at risk of being targeted by cyber criminals, and that traditional approaches such as anti-virus, perimeter and unified threat management solutions are still adequate, says StarLink SA sales manager, Wayne Donnelly
Education data mining puts kids' privacy at risk (Naked Security) Our kids are being watched, and the gushing data streams they're emitting are getting analysed in granularity so minute, it puts data-mining companies like Facebook and Google to shame
Marketplace
Target cut former CEO's pay package by 37%, confirms his 'involuntary termination' (MarketWatch) After seeing its per-share profit fall for the first time in at least five years, Target Corp. cut its former Chief Executive Gregg Steinhafel's total compensation by about two-fifths and gave no bonuses to most of its top executives, a new filing shows
Are We Ready to Take These Breaches More Seriously Now? (SecurityWeek) For years, the security community and regulators have been warning that things are starting to get serious and that "plausible deniability" for executives no longer exists when it comes to lapses in network security. Some heeded the warnings, most did not, and as a result we are starting to see the ramifications of a tougher emphasis on security
Marc Andreessen: Tech companies are still fuming over the NSA (Washington Post) Almost a year after he released a flurry of documents showing the National Security Agency was collecting data on everyone from foreign leaders to U.S. citizens, Edward Snowden is still the predominant Washington story in the minds of tech executives who believe the controversy has caused damage to their businesses
Is FireEye About To Get Burned – Real Time Insight (Zacks via Nasdaq) Later this week, FireEye (FEYE) is going to see about 92 million shares that were locked up become available for sale. The stock is currently a Zacks Rank #4 (Sell), but let's take a look at what happened with Twitter (TWTR) and its lock up and take a look at the similarities
GE's $1 Billion Software Bet (MIT Technology Review) To protect lucrative business servicing machines, GE turns to the industrial Internet
The Cyber Corridor (Bossier Press) U.S. Senator Mary Landrieu (D-La) (center) and Department of Homeland Security Secretary Jeh Johnson (left) were in north Louisiana Friday to discuss just how this area is helping build Louisiana's cyber security work force and its plans to create high-paying tech jobs along the I-20 corridor. Landrieu and Johnson both praised Bossier Parish for its role along the 'cyber corridor' as a valued part of the nation's cyber defense movement
MacAulay-Brown, Inc. Welcomes Former Commander of Army Cyber Command Lieutenant General Rhett Hernandez to its Board of Advisors (Globe Newswire) MacAulay-Brown, Inc. (MacB), a leading National Security company delivering advanced engineering services and product solutions to Defense, Intelligence, Special Operations Forces, Homeland Security and Federal agencies, announced today that former Commander of Army Cyber Command (ARCYBER), Lieutenant General (Ret.) Rhett Hernandez has joined the company's Board of Advisors
Cellebrite Appoints Paul Battaglia SVP Mobile Forensic Sales for North America (Digital Journal) Public sector industry veteran tapped to expand company's market leadership position
Products, Services, and Solutions
Free encrypted mobile messaging app for iOS (Help Net Security) SRD Wireless launched PQChat, a free app for iOS designed to make communications between people and businesses as safe, secure and private as possible. NTS protects data using the McEliece cryptosystem, the strongest currently known
EnCase and ThreatGRID Integration Provides Deep Insight and Context Into Today's Cyber Threats (MarketWatch) ThreatGRID malware analysis and intelligence for EnCase reduces time for investigation and response
Invincea Launches Free Malware Discovery and Analysis Suite (Campus Technology) Invincea has released Invincea Research Edition, a malware discovery and analysis solution for the data forensics and incident response community. It's being offered for free to DF/IR professionals
TransVoyant and Praescient Analytics Announce Partnership to Deliver Joint Analysis Solutions (Digital Journal) Technology integration firm Praescient Analytics and TransVoyant™ LLC today announced the signing of a partnership agreement. The agreement enables Praescient to offer TransVoyant's cutting edge, cloud-based data streaming and decision analytics family of solutions
Check Point builds seven-armed threat-intelligence sharing alliance (NetworkWorld) Check Point gateways to tap into iSIGHT Partners, CrowdStrike, NetClean, PhishLabs, SenseCy, IID and ThreatGRID
Technologies, Techniques, and Standards
Cyber Security Regime Undergoing Changes (Insurancenewsnet) The rules governing the security of the information technology systems of contractors and the private sector are in a continual state of flux as the federal government struggles to get its arms around an ever-changing landscape. In February, the White House issued a voluntary cyber security framework to serve as a how-to guide
The sandbox trap: taking the fight to malware (TechRadar) Catching threats before they hit the network
Industrial wireless blackout looms (Help Net Security) With the intention of preserving bandwidth, the telecommunications industry has written a harmonized standard that does not allow industrial wireless control systems to function
Essential steps for implementing Data Loss Prevention (Help Net Security) In this podcast, recorded at Infosecurity Europe 2014, Raul Condea from CoSoSys talks about essential steps to take when implementing Data Loss Prevention (DLP)
Using ITOA to secure endpoints (Help Net Security) Businesses today invest heavily in security technology in an effort to protect the most vulnerable aspects of their IT infrastructure — the endpoints and end-user devices — in order to ensure compliance enforcement of corporate security policies and standards
Big data security analytics meets identity and access management (ComputerWorld) While most enterprise organizations have SIEM installed, they now realize that these venerable security systems cannot address today's dangerous threat landscape alone. As a result, many are adding network forensics and big data analytics systems for capturing, processing, and analyzing a whole bunch of additional security data
Research and Development
DARPA's cyberwarfare program critical to future of kinetic warfare, says Prabhakar (FierceGovernmentIT) The Defense Advanced Research Projects Agency's cyberwarfare program, called Plan X, is one of the agency's highest priorities, said DARPA Director Arati Prabhakar
DARPA to Showcase Latest Cyber, Big Data Ideas (American Forces Press Service) The Defense Advanced Research Projects Agency will display more than 100 projects and 29 programs in the Pentagon's courtyard May 21 to demonstrate cybersecurity technologies and spark feedback from warfighters, a DARPA scientist said during a May 16 interview with the Pentagon Channel here
Legislation, Policy, and Regulation
China confronts U.S. envoy over cyber-spying accusations (Reuters via Yahoo! News) China summoned the U.S. ambassador after the United States accused five Chinese military officers of hacking into American companies to steal trade secrets, warning Washington it could take further action, the foreign ministry said on Tuesday
Why is the latest China spy case so significant? (AP via CNY Central) The Obama administration has brought unprecedented criminal charges against five officials in the Chinese military for hacking into private U.S. companies' systems and stealing trade secrets. It was the first time the U.S. has revealed any evidence the Chinese government was going after American companies' private information for economic gain
The Attack of the Lawyers (Belmont Club) And Caesar's spirit, raging for revenge, With Ate by his side come hot from hell, Shall in these confines with a monarch's voice, Cry "Havoc!" and let slip the lawyers of war. Ok, that's not exactly what Shakespeare said in Act 3 of Julius Caesar, but that's what Obama said to Holder. The president has unleashed the Justice Department on Beijing's cyber-attackers
The US indictment of five Chinese army officers is really about redefining "cyberspying" (Quartz) The US government has indicted five Chinese military officials for hacking Western companies and stealing their trade secrets—"the fruits of our labor," in the words of assistant US attorney John Carlin. The lawsuit is unprecedented—the first ever brought against individual members of a government for economic espionage via hacking. And, legally speaking, it's pretty pointless
Caught Red-Handed (Foreign Policy) Washington is punishing China's cyber spies for the first time. Will Beijing come after U.S. spooks in response?
U.S. Indictment of Chinese Hackers Could Be Awkward for the NSA (Wired) It's no secret that the Chinese military represents a real threat to online security here in the U.S. Over the last several years, state-sponsored Chinese hackers have broken into hundreds of American targets—both inside the U.S. government and across the private sector. But when the Department of Justice announced criminal charges against five hackers working for China's military this morning, it came at an awkward time. After a year of revelations from ex-NSA contractor Edward Snowden, it's clearer than ever before that America's own government hackers have been running rampant through the world's networks
Cyber case puts more strain on US-China relations (AP via the Seattle Times) The indictment of five Chinese military officials on cyber espionage charges will intensify friction between Beijing and Washington that has been growing as China gets bolder in asserting its territorial claims in disputed seas in East Asia
China Bans Use of Microsoft's Windows 8 on Government Computers (Reuters via Re/Code) China has banned government use of Windows 8, Microsoft Corp's latest operating system (OS), in a blow to the U.S. technology company which has long been plagued by sales woes in the country
Adversaries Outpace US In Cyber War; Acquisition Still Too Slow (Breaking Defense) The United States invented the Internet, but we may not rule it any more. "We are certainly behind right now. We are chasing our adversary, for sure," one of the Air Force's top cyber warriors, Col. Dean Hullings, told an audience of about 350 here at the National Space Symposium's one-day cyber event
Should U.S. Hackers Fix Cybersecurity Holes or Exploit Them? (The Atlantic) Maybe someday we'll patch vulnerabilities faster than the enemy can use them in an attack, but we're not there yet
This NSA history has a familiar ring to it (Washington Post) The Senate report is called "National Security Agency Surveillance Affecting Americans," and describes the results of its investigation into "NSA's electronic surveillance practices and capabilities, especially involving American citizens, groups, and organizations"
NSA data-gathering may run into California roadblock (Reuters) The federal government would need a warrant from a judge if it wants the cooperation of California officials in searching residents' cellphone and computer records, under a bill making its way through the state legislature
FCC net neutrality proposals tackle internet fast lane — why no one is happy (Naked Security) Last week, the US Federal Communications Commission (FCC) came out with new proposals that could leave the door open for internet service providers to give preferential treatment to some traffic, in what has been called a "fast lane" for the internet
Litigation, Investigation, and Law Enforcement
INDICTMENT (US Department of Justice) Count One (Conspiracy to Commit Computer Fraud and Abuse) The Grand Jury charges: 1. From at least in or about 2006 up to and including at least in or about April 2014, members of the People's Liberation Army ("PLA"), the military of the People's Republic of China ("China"), conspired together and with each other to hack into the computers of commercial entities in the Western District of Pennsylvania and elsewhere in the United States
U.S. Charges 5 Chinese with Hacking (GovInfoSecurity) Five Chinese military officers have been indicted for hacking U.S. companies — incidents that had major consequences, including the shuttering of three American steel plants, U.S. Justice Department officials say
Chinese hackers targeted business partners as well as rivals, indictment alleges (Washington Post) In early February, Alcoa announced a "strategic partnership" with the Chinese state-owned aluminum company, Chinalco, in which the two would team up to buy $14 billion worth of shares in mining giant Rio Tinto
China Reacts Strongly to US Announcement of Indictment Against Chinese Personnel (Ministry of Foreign Affairs of the People's Republic of China) On May 19, Foreign Ministry Spokesperson Qin Gang made the following remarks regarding the US Justice Department's announcement of indictment against five Chinese military officers: On May 19, the US side announced indictment against five Chinese military officers on allegation of cyber theft. This US move, which is based on fabricated facts, grossly violates the basic norms governing international relations and jeopardizes China-US cooperation and mutual trust. China lodged protest with the US side right after the announcement, urging the US side to immediately correct its mistake and withdraw the "indictment"
China counters US claims with own charges of cyber-espionage (ComputerWorld) China said the U.S. accusations were based on "fabricated facts"
US And China Spy Row: Diplomatic Fallout 'Huge' (KLFM) America's decision to file charges against five Chinese individuals and to publish 'wanted' posters for them is as serious as it is historic
What to Expect From Charges Against Chinese Hackers: Nothing (Re/Code) The U.S. Department of Justice has secured criminal indictments against five active-duty members of the cyber warfare unit of China's People's Liberation Army. Here's what you should expect to happen as a result: Nothing meaningful
Here's What Chinese Military Cyber Hackers Allegedly Stole From US Companies (Business Insider) A U.S. grand jury in Pennsylvania indicted five Chinese military officials on 31 counts involving cyber espionage, Attorney General Eric Holder said Monday
How 5 Chinese hackers stole American companies' most closely-guarded secrets (ITProPortal) 208 Datong Road is a nondescript concrete high rise on one of Shanghai's busiest roads. Amid the lingering smog rising like mist off the honking lines of traffic, and the trains screeching to a halt in the nearby main railway station, this building doesn't look like much. But this is exactly where five members of an elite People's Liberation Army group codenamed Unit 61398 were assigned to hack into some of the largest companies in the United States of America
Why is the U.S. Going After Chinese Hackers? Jobs (NBC News) The Obama administration is turning up the heat on Chinese government hackers over allegedly stealing trade secrets that cost U.S. companies billions of dollars each year and undercut American jobs
'The New Normal': US Charges Chinese Military Officers With Cyber Espionage (Dark Reading) The US Department of Justice and the FBI indict five members of the Chinese military for allegedly hacking and stealing trade secrets of major American steel, solar energy, and other manufacturing companies, including Alcoa, Westinghouse Electric, and US Steel
Malware tapped into webcams and spied on victims, prosecutors say (Los Angeles Times) Hackers who paid $40 for a sinister software program called Blackshades stole sexually explicit photographs from personal computers, trained victims' webcams on them using a remote access tool, and even sent threats to victims who tried to block the online intrusions, prosecutors said Monday as they announced charges against users of Blackshades
Malware Takedown Leads to 80 Arrests (BankInfoSecurity) More than 80 individuals have been arrested for their alleged involvement in the creation, distribution and use of the BlackShades malware. The two-day roundup operation, which took place in 16 countries, was led by Belgian and Dutch judicial and law enforcement authorities and also involved the U.S. Federal Bureau of Investigation
BlackShades cybercops demonstrate improving global cooperation (CSO) The 16-country operation that led to almost 100 people suspected of trading in BlackShades malware shows law enforcement is getting better at sharing information, coordinating international raids
'Blackshades' Trojan Users Had It Coming (Krebs on Security) The U.S. Justice Department today announced a series of actions against more than 100 people accused of purchasing and using "Blackshades," a password-stealing Trojan horse program designed to infect computers throughout the world to spy on victims through their web cameras, steal files and account information, and log victims' key strokes. While any effort that discourages the use of point-and-click tools for ill-gotten gains is a welcome development, the most remarkable aspect of this crackdown is that those who were targeted in this operation lacked any clue that it was forthcoming
Secrets, lies and Snowden's email: why I was forced to shut down Lavabit (The Guardian) For the first time, the founder of an encrypted email startup that was supposed to insure privacy for all reveals how the FBI and the US legal system made sure we don't have the right to much privacy in the first place