Cyber Attacks, Threats, and Vulnerabilities
France fingered as source of Syria-spying Babar malware (Register) Crack team of malware boffins think DGSE coded reconware
Security firm finds preinstalled malware on Xiaomi Mi 4 smartphone (Venture Beat) Data security firm Bluebox has discovered preinstalled malware and a host of other issues with a Xiaomi Mi 4 device the company tested. Scarier still, the phone seems to have been tampered with by an unidentified third party
From the Labs: New developments in Microsoft Office malware (Naked Security) In September 2014, we wrote about a resurgence in VBA malware
Dridex Banking Trojan Spreading Via Macros in XML Files (Threatpost) Not long ago, criminals pushing the Dridex banking Trojan were using Microsoft Excel documents spiked with a malicious macro as a phishing lure to entice victims to load the malware onto their machines
Cryptowall makes a comeback via malicious help files (Help Net Security) A new spam wave has hit hundreds of mailboxes with malicious .chm attachments to spread the infamous Cryptowall ransomware
What Happened to You, Asprox Botnet? (Internet Storm Center) Earlier this year, @Techhelplistcom reported the spam and landing site infrastructure used to spread Asprox malware switched to porn-related URLs. This started back in mid-January 2015, and I still haven't seen much about it in the open press. Since then, this infrastructure has continued spreading links to pornography or diet-related scams
How Malware Generates Mutex Names to Evade Detection (Internet Storm Center) Malicious software sometimes uses mutex objects to avoid infecting the system more than once, as well as to coordinate communications among its multiple components on the host. Incident responders can look for known mutex names to spot the presence of malware on the system. To evade detection, some malware avoids using a hardcoded name for its mutex, as is the case with the specimen discussed in this note
How Hackers Could Use A Nest Thermostat As An Entry Point Into Your Home (Forbes) Security researcher TrapX Security is showing off how hacking an internet-connected thermostat made by Google-owned Nest can be the jumping off point to gaining control of other devices in your home
Smart home or dumb security risk? (InfoWorld) Internet-connected devices are flooding into homes, but with convenience comes vulnerability
Islamic State takes to social media, has about 46K Twitter accounts (Ars Technica) ISIS supporters preferred tweeting with Android over iPhone and Blackberry
NSA warns not to 'feed' terrorist agenda (The Australian) The chief of America's powerful National Security Agency has warned social and traditional media outlets against "feeding" and "perpetuating" the agenda of radical terrorist groups such as Islamic State by publishing horrific images displaying their barbarity
Islamic State appears to be fraying from within (Washington Post) The Islamic State appears to be starting to fray from within, as dissent, defections and setbacks on the battlefield sap the group's strength and erode its aura of invincibility among those living under its despotic rule
Why Are Foreign Fighters Joining ISIS? (The Atlantic via Defense One) Foreign fighters participate in some of ISIS' 'worst acts,' but there isn't one clear explanation on why they join the battle in the first place
Boko Haram's pledge of allegiance to ISIL is a symptom of weakness, not strength (Quartz) The Islamic terrorist group Boko Haram has pledged allegiance to the Islamic State group this weekend, just hours after it set off five bombs in busy areas of Maiduguri, northeast Nigeria's largest city, killing 54 people and injuring 146, according to local authorities. Boko Haram leader Abubakar Shekau pledged allegiance to ISIL through a video shared on a Twitter account that has since been suspended.
Hackers in Butte credit union cyber attack claim ISIS affiliation (NBC Montana) The Southwest Montana Community Federal Credit Union was the target of a cyber attack Saturday by hackers claiming to be affiliated with ISIS
Update: The Shed restaurant's website running again after cyber-attack claimed by ISIS (Biloxi-Gulfport Sun-Herald) The Shed Barbeque & Blues Joint confirmed on Saturday its website was hacked by a group claiming to be ISIS. It took a web developer minutes to fix The Shed Barbeque & Blues Joint's website after a person or group claiming to be ISIS hacked it Saturday
Point-of-Sale Vendor NEXTEP Probes Breach (KrebsOnSecurity) NEXTEP Systems, a Troy, Mich.-based vendor of point-of-sale solutions for restaurants, corporate cafeterias, casinos, airports and other food service venues, was recently notified by law enforcement that some of its customer locations have been compromised in a potentially wide-ranging credit card breach, KrebsOnSecurity has learned
Mandarin Oriental eradicates malware from credit card systems (ZDNet) After admitting to a security breach, the luxury hotel chain has managed to remove malware discovered on systems related to customer financial data
N. Korea orchestrated cyber attack on Sony Pictures: Sankei Shimbun (Arirang News) A new report by a Japanese daily backs the U.S. claim that North Korea carried out last year's cyber attack on Sony Pictures. The Sankei Shimbun on Sunday reported a claim by a former officer of Pyongyang's Reconnaissance General Bureau, who said the bureau director, General Kim Yong-chol, orchestrated the attack
St. Mary's Reports Cyber Attack Affecting 4,400 People (Tristate) A cyber attack at a Tri-State hospital leaves thousands of local people potentially at risk. St. Mary's Health officials report a hacking attack has compromised the personal information of approximately 4,400 individuals
Feminist blog hit by DDoS attack on International Women's Day (We Live Security) Sunday March 8 was International Women's Day, celebrating women's achievements and contributions to society
Anatomy of a Hack (The Verge) A step-by-step account of an overnight digital heist
Cyber Trends
Stuxnet, Snowden and Sony: Why we've passed the cyber security tipping point (CSO) Heavy-handed pressures from tech-unaware legislators, successful strikes by laterally-thinking hackers, a growing tide of dissent about government intervention and corporate concerns about last year's massive hack of Sony Pictures corporate documents have pushed us past the security tipping point into an environment where cyber-attacks will increasingly become favoured tools of nation states and terrorist groups, a leading security journalist has warned
Financial firms are putting more stock in the cloud (Help Net Security) Many financial firms are slowly putting more stock in the cloud. That's a key finding from a new Cloud Security Alliance (CSA) survey, which targeted executives from banking, insurance and investment firms around the world
Why hacking is not a victimless computer crime (Channel 4 News) Hacking often seems a victimless offence. When the National Crime Agency announces it's arrested 57 alleged computer hackers, it's easy to believe that the crimes they're accused of didn't really "harm" anyone
Marketplace
"New era" of cyber crime leaves financial institutions uninsured (Insurance Business) After an international group of hackers managed to bypass customers and steal directly from banks, cyber insurance experts are warning that brokers have a renewed responsibility to work with underwriters to ensure all potential coverage gaps are filled
Akamai Bolsters Its Value Added Services With Acquisition Of Xerocole (Forbes) Content Delivery Network giant Akamai recently acquired Xerocole Inc., a Colorado-based Domain Name System technology company
Bulova Technologies Group, Inc., Announces Joint Venture to Enter the Cyber Security Market Place (Sys-Con Media) Bulova Technologies Group, Inc. (OTC: BTGI) (the "Company") today announced a Joint Venture with Blackford Technologies LLC and have formed Bulova Technologies Compliance and Security, LLC. Bulova Technologies will market the Enterprise Content Management Library ("ECM Library"©) and the companion K-3 Data Encryption© software to government agencies, banks, law firms and mid to large size businesses
Detectify picks up €1.5 million to hack your startup (Arctic Startup) Stockholm-based Detectify has been a fun company to follow. With a team of hackers (in both the startup and Hollywood sense) they've done everything from hacking Google, Facebook, Spotify, Klarna, and Stripe for bug bounty programs. Taking their ethical hacker knowledge mainstream, they've built a "get hacked as a service" tool for anyone to hack their own web service and see how their cyber security stacks up
Can great tech save cybersecurity startup from grim reaper? (Upstart Business Journal) PFP Cybersecurity, a new startup from Steven Chen, is talking with defense contractors whose aim is to secure their supply chain
Symantec split will occur on April 1st (IT Pro) Symantec will split its company into two separate storage and security organisations from April 1st, the company has confirmed
Leidos makes cyber divestiture (Washington Technology) Since January of 2014, Leidos has said it was looking to sell its CloudShield Technologies business, and now 14 months later, it has found a buyer
Novetta puts up 'for sale' sign. What does it mean? (Washington Technology [subscription]) With Novetta Solutions hiring investment bankers to sell the company, we look at what the sale says about conditions in today's market
Pentagon Gets Authority To Hire 3,000 Cyber Pros (Nextgov via Defense One) The new rules give the military the power to fast-track new hires and staff up its fledgling Cyber Command
U.S. Military Cyber Commands Sweeten Bonuses, Deals to Retain Cyberwarriors (SIGNAL) Recruiting for a qualified military and civilian workforce for the U.S. Defense Department's cybersecurity mission has proven successful so far, but retaining the force remains to be seen, cyber commanders told Congress during a hearing
Closed-door Palantir event takes on women in cybersecurity problem (San Francisco Business Times) Women are widely known to be under-represented in the tech community. But it turns out, one particular segment of the industry, cybersecurity, is dramatically dominated by men, something Palantir hopes to change
Does Hollywood Have The Answer To The Security Skills Question? (Dark Reading) The Oscar-winning biopic about famed WWII cryptanalyst Alan Turing — the father of modern computing — was long overdue. But a lot more needs to be done to inspire the next generation of computer scientists
Roger Mason of Noblis Receives Wash100 Award for Leadership in Intell and National Security (GovConWire) Roger Mason, senior vice president for national security and intelligence at Noblis, has been named to this year's Wash100 list of the most influential leaders in GovCon for his leadership role in intelligence and national security
Products, Services, and Solutions
Silent Circle: We haven't been served a single demand for data (ZDNet) Despite reports to the contrary, Silent Circle's general counsel said the company has not received a single government demand "of any type" for user or business data
CloudLock Joins ServiceMax Marketplace to Help Enforce Data Compliance (IT Business Net) The CloudLock Security Fabric will enable field service organizations to realize the business benefits of the cloud with confidence
The best mobile anti-virus software available (IT Pro Portal) With Mobile World Congress now behind us, we can reflect on an event dominated by innovative wearables, cutting-edge smartphones and flashy VR headsets, but which also showcased the importance of security
BioCatch pitches behavioural biometrics to detect new account fraud (Finextra) BioCatch, the global leader in Behavioral Biometrics™, Authentication and Malware Detection, announced today the launch of its New Account Fraud Detection solution which detects fraud in new user accounts in the retail banking, eCommerce and payments industries.
Abine and Coinbase Launch 'Bitcoin Anywhere' Service Using Blur (Cointelegraph) Abine and Coinbase are using Blur to give Bitcoin users the ability to shop anywhere MasterCard is accepted. The service also comes with enhanced privacy tools
U.S. National Security Approved Samsung Devices for Secret Mission (Insight Ticker) Samsung Electronics informed that U.S. National Security Agency permitted the use of a Samsung smartphone for their official tasks. The officials will utilize the Galaxy devices to transfer confidential information and data which will certainly improve the reputation of the company
Technologies, Techniques, and Standards
Cyber Insurance: Managing the Risk (Tripwire: the State of Security) Cyber insurance is a hot topic of many debates today. It is believed to be the long-awaited cure for high-impact security risks, especially in light of constantly evolving privacy legislation and disclosure obligations — but what actually is it?
FREAK flaw: How to protect yourself now (ZDNet) The FREAK security hole is more widespread than previously thought. Here's everything users and system administrators need to know in order to stay safe now
Third-Party Vendors a Weak Link in Security Chain (eSecurity Planet) Security shortcomings of third-party vendors are a cybercriminal's dream. So security pros should revisit how they manage vendor relationships
Managing Vendor Risk Complexity: Insights from Financial Institutions (Bitsight) Earlier this week I had the privilege of attending the invitation-only BNY Mellon 2015 Third Party Risk Management Symposium
Breaches Reveal Patch Management Weaknesses (Credit Union Times) First Moscow-based security firm Kaspersky Lab revealed a cybercriminal gang raided up to 100 financial institutions internationally for an estimated $1 billion. Then, the San Diego-based Identity Theft Resource Center said that as of March 4, there had been 14 breaches, including one credit union, affecting almost 400,000 records in the financial sector this year
Seven Data and Information Security Mistakes Even Smart Companies Make (IT Business Edge) Click through for seven common security mistakes even smart companies often make, as identified by Digital Guardian
DNS Names Provide Clue to Malware Communications, Researchers Find (eWeek) OpenDNS, which provides domain filtering and security services, finds the use of some domain names in malware infrastructure can be predicted
CSA introduces security frameworks for government cloud security (TechTarget) The Cloud Security Alliance's new frameworks for the European Union offer baseline security measures for government agencies worldwide deploying secure cloud services
CyberWar Game Simulates Healthcare Attacks (Forbes) Last week was rough for County West General Hospital. Its IT staff noticed almost immediately that the kickoff round of FDA testing for a new drug from Bromley Weyland Pharmaceuticals appeared to be compromised
Globe And Mail rolls out SecureDrop and why other publications should (CSO) I have been a long time reader of the venerable Canadian publication, The Globe and Mail. This is a paper that continues to turn out great content despite the massive shift to online delivery which has seen an end to so many print publications
A few small steps for man, a giant leap for online security (Help Net Security) The online world is vast. Just follow these straightforward tips, which will make it harder for hackers, and keep you secure
Design and Innovation
Robocall spotting contest launched by FTC (Naked Security) The US Federal Trade Commission (FTC) has launched a pair of competitions to stimulate research into technological approaches to the problem of robocalls
Research and Development
Google Tackles Quantum Computing's Hardest Problem: Errors (Wired) The promise of quantum computing is computers powerful enough to break the encryption techniques we now use to protect the world's data. But realizing that promise means, among other things, cracking a thorny paradox. A basic operation of any computer is checking for mistakes. But by the logic of quantum computing, the act of checking is itself likely to create an error
An Unhackable QR Code to Fight Bogus Chips (IEEE Spectrum) To combat the rising threat posed by counterfeit microchips, researchers from the University of Connecticut now suggest the QR codes often used in ads and signage could be made nearly impossible to hack for use in security
The EMBERS Project Can Predict the Future With Twitter (Newsweek) For the majority of Americans born after World War II, it is unlikely Arlington, Virginia, holds any special significance. But for those who know that the outcome of the war largely hinged on Imitation Game-style code-breaking, Arlington has a mystique as the epicenter of American military cryptanalysis
Academia
World's largest college cybersecurity competition held in SA (KSAT 12) Students duke it out against hackers
IT Digest: Siemens gives GWU a $30 million grant (Washington Post) George Washington University picked up a $30 million grant from Siemens, the German conglomerate that bases its U.S. headquarters in the District, to give engineering students access to the company's manufacturing software, the firm said last week
Post-graduate course in cyber security (Star Online) BAE Systems is further strengthening its long-term commitment to Malaysia by agreeing to fund a new post-graduate programme in Cyber Security at the National Defence University of Malaysia
Anti-bullying campaign kicks off in White Mountains middle, high schools (White Mountain Independent) Cellular One is teaming up with White Mountain Fire & Life Safety to launch an awareness campaign aimed at combating the potentially dangerous physical and emotional ramifications associated with teen bullying and cyber-bullying
Legislation, Policy, and Regulation
Cybersecurity Law a Priority This Year: Top Official (Wall Street Journal) Chinese leaders have made the passage of a cybersecurity law a priority for this year, despite protests from the U.S. against the country's growing restrictions on technology firms
New Zealand PM refuses to rule out mass surveillance (ZDNet) New Zealand's prime minister has refused to rule out the possibility that the country's electronic spy agency conducts mass surveillance, while suggesting that New Zealanders are not legally entitled to be told when their communications data is collected
Europe reverses course on net neutrality legislation (Ars Technica) EU member states have voted in favor of allowing the prioritization of "specialized" services
On Cyber Arms Control (Apropos of the New York Times Editorial) (Lawfare) A bit late, but one more observation about the New York Times editorial calling for cyber arms control. In their words, "the best way forward [to reduce cyber threats] is to accelerate international efforts to negotiate limits on the cyberarms race," in much the same way that we did with the nuclear arms control treaties of the Cold War
Cybercom Chief: Cyber Threats Blur Roles, Relationships (Ameriforce) Over five years of U.S. Cyber Command operations, global movement of threat activity through cyberspace has blurred roles and relationships among government agencies, as well as between the public and private sectors and the real and virtual worlds, the Cybercom commander told a House panel
The Doomed Quest For The Golden Key (TechCrunch) Some months ago, the Washington Post waded into the debate about the NSA, pervasive surveillance, and end-to-end encryption with a call for Apple and Google to magically "invent a kind of secure golden key they would retain and use only when a court has approved a search warrant." This was met with a chorus of contempt and opprobrium
Cyber-Liberty Depends on Cyber-Security (American Thinker) My colleagues at the Fraser Institute have just published a report examining the issue of cyber-security from an underappreciated but crucial perspective, namely, the importance of cyber-security to liberty
Cybersecurity Challenges for Canada and the United States (Fraser Institute) The Internet was designed not with security in mind, but rather openness and the free flow of information. The resulting globally connected nature of the Internet has brought unprecedented levels of information and commercial exchange, contributed enormous gains to individual prosperity, empowered individuals, and promoted and expanded individual liberty. Only in recent years have governments, militaries, industries, firms, and individuals come to grips with the importance of protecting this critical sphere of activity on which so much liberty, property, and security depends. How to protect legitimate activity in cyberspace without compromising its open character is the challenge
Cyber Warriors Need Not Be Soldiers (Discover) Throughout history, warriors of all cultures have trained their bodies to endure physical hardship and combat, whether they wielded swords and shields or carried guns and ammunition. In the 21st century, countries such as China and Estonia have recruited a new breed of warriors who fight as part of cyber militias rather than as official military personnel in uniform
Spotlight: Obama takes executive action, still seeks law from Congress (USA Today) President Barack Obama has signed an executive order on cybersecurity aimed at boosting the defense of critical US infrastructure, while also avoiding the criticism over compromising civil liberties that its legislative predecessors suffered from
Lawmakers target data brokers in privacy bill (IDG via CIO) Four U.S. senators have resurrected legislation that would allow consumers to see and correct personal information held by data brokers and tell those businesses to stop sharing or selling it for marketing purposes
CIA re-orgs to build cyber-snooping into all investigations (Register) Because the USA has such a shortage of digital surveillance
Litigation, Investigation, and Law Enforcement
Group claiming links to Isis hacks small business websites (ComputerWeekly) The FBI is investigating the hacking of a number of small business websites in the US and Europe by people claiming to be affiliated with Islamic State (Isis)
Feds Indict Three in 2011 Epsilon Hack (KrebsOnSecurity) U.S. federal prosecutors in Atlanta today unsealed indictments against two Vietnamese men and a Canadian citizen in connection with what's being called "one of the largest reported data breaches in U.S. history." The government isn't naming the victims in this case, but all signs point to the 2011 hack of Texas-based email marketing giant Epsilon
U.K. National Crime Agency arrests 56 alleged cybercriminals in week-long operation (SC Magazine) British law enforcement arrested 56 people, including a man accused of hacking the U.S. Department of Defense (DoD), this past week in operations targeting alleged cybercrime perpetrators
Convicted Silk Road mastermind Ross Ulbricht demands trial do-over (Ars Technica) On trial's eve, prosecutors disclosed information of an "alternative perpetrator"
Snowden Intends to Ask for Political Asylum in Switzerland (Telesur) The NSA whistleblower, who has been living in Russia, recently revealed that he was willing to return to the U.S. if he could be given a fair trial