Cyber Attacks, Threats, and Vulnerabilities
IS releases troops' photos and addresses, urges attacks (Marine Corps Times) The Islamic State group has reportedly posted the names, photos and home addresses of 100 American troops, urging sympathizers inside the U.S. to carry out attacks against them
Islamic State doxes US soldiers, airmen, calls on supporters to kill them (Ars Technica) Despite hacking claims, data likely pulled from public sources
Indiana Artisan website hacked by group claiming ISIS ties (RTV 6 ABC News) A group claiming to have ties to the Islamic State appeared to have hacked the website of an Indiana arts organization Saturday
State-sponsored hackers target European, Israeli organizations (Help Net Security) Rocket Kitten, the APT group of attackers that have been delivering spear-phishing emails with the Ghole malware to Israeli and European institutions late last year, have lately been spotted mounting a new operation
Chinese military denies role in reported U.S. hacking (Reuters) China's Defense Ministry on Friday denied that it had anything to do with a cyber attack on Register.com, a unit of Web.com, following a report in the Financial Times that the FBI was looking into the Chinese military's involvement
New Zealand Spied on WTO Director Candidates (Intercept) New Zealand launched a covert surveillance operation targeting candidates vying to be director general of the World Trade Organization, a top-secret document reveals
Threat Spotlight: PoSeidon, A Deep Dive Into Point of Sale Malware (Cisco Blogs) Cisco's Security Solutions (CSS) consists of information security experts with a unique blend of law enforcement, enterprise security and technology security backgrounds. The team works directly with Cisco's Talos Security Intelligence & Research Group to identify known and unknown threats, quantify and prioritize risk, and minimize future risk
WordPress plugin used by millions sports critical site-hijacking flaw (Help Net Security) Another popular Yoast WordPress plugin has been found sporting a critical vulnerability that can be exploited by attackers to take over control of the site
Cisco confirms IP phone eavesdropping flaw (IT News) Update: But successful exploit 'not likely'. Cisco's small business SPA300 and SPA500 internet protocol (IP) phones contain a vulnerability that if exploited, allows attackers to remotely listen in on audio from the devices
Latest Dridex Campaign Evades Detection with Autoclose Function (Threatpost) Pushers of the Dridex banking malware have gone old-school for some time now, moving the malware through phishing messages executed by macros in Microsoft Office documents
NJRat Trojan Returns To Life, Warns PhishMe (TechWeekEurope) A remote access trojan, last seen a year ago, is making a reappearance warns security researcher
Fake job seeker's emails deliver ransomware and info-stealer (Help Net Security) The latest Cryptowall-delivery campaign comes with an additional menace: the Fareit Trojan, which is designed to steal logins and passwords from compromised computers, download additional malware, and can be used in DDoS attacks
Recently patched Adobe Flash bug added to Nuclear Exploit Kit (SC Magazine) Trend Micro, Malwarebytes and FireEye are among the security companies reporting that a recently patched Adobe Flash vulnerability has been added to the Nuclear Exploit Kit
New attacks suggest leeway for patching Flash Player is shrinking (IDG via CSO) Cybercriminals are exploiting newly patched vulnerabilities faster, a sign that users and companies need to improve their software updating habits
Bank of America phishing attack hits customers (Help Net Security) Phishers are once again targeting Bank of America customers, warns Malwarebytes' Chris Boyd
Phishing and the .gov TLD (TrendLabs Security Intelligence Blog) Brand owners frequently use SPF and DKIM to protect their brands from email forgery. For example, a brand owner could register the same domain name under multiple top-level domains (TLDs) (such as .com, .net, .org, etcetera) and announce SPF/DKIM records for all of these domains (even if they were not actively being used). While generally effective, there is one loophole: what about the .gov TLD?
Premera hack: What criminals can do with your healthcare data (Christian Science Monitor: Passcode) The Premera Blue Cross breach gave hackers valuable financial and medical data on millions of people. That information can be sold on the black market to criminals looking to commit identity theft, obtain prescription drugs illegally, or commit insurance fraud
Open Letter to Premera Blue Cross CEO Jeffrey Roe (Digital Dao) Dear Mr. Roe: My wife and I were Premera Blue Cross customers during my tenure with Microsoft. During that time, we both had surgeries done and she has a long history of medical treatments. In other words, Premera Blue Cross holds a lot of very sensitive information on both of us, separate and apart from our social security numbers, dates of birth, and other personally identifiable information. I'm sure that many of your customers could say the same. This open letter serves to notify you of my intention to see that Premera Blue Cross is made an example of for the insurance industry, much like Target was for the retail industry for the following reasons
2015 is already the year of the health-care hack — and it's only going to get worse. (Washington Post) Last year, the fallout from a string of breaches at major retailers like Target and Home Depot had consumers on edge. But 2015 is shaping up to be the year consumers should be taking a closer look at who is guarding their health information
Fake patient data could have been uploaded through SAP medical app (IDG via CSO) SAP has patched the issue, which affected Electronic Medical Records Unwired
Nuisance Adware Blights Google Play Again (Infosecurity Magazine) Mobile security firm Lookout claims to have found 13 new pieces of adware in the Google Play app store, potentially affecting up to half a million users
Apple removes 'misleading' anti-virus app from iOS in alleged crackdown (Trusted Reviews) Apple is reportedly shuttering 'anti-virus' apps on the iOS App Store, allegedly describing such software as 'misleading'
Leaking apps, not malware, pose greatest mobile threat to enterprises, says NowSecure CEO (FierceMobileIT) Leaky mobile apps, not mobile malware, pose the greatest mobile threat to the enterprise, according to Andrew Hoog, CEO of NowSecure, a maker of mobile app security testing products
Rush To Release Resulting In Vulnerable Mobile Apps (Dark Reading) IT organizations overlooking security in their haste to crank out mobile apps, Ponemon Institute report finds
Which Apps Expose Your Data to the NSA's Spying? (Tech Cheat Sheet) A recent Pew Research Center report found that some Internet users have changed their use of social networking services, apps, email, and even search engines as a result of former National Security Agency (NSA) contractor Edward Snowden's 2013 revelations about the government's pervasive online surveillance. So how does your smartphone — the device that many of us find indispensable in our day-to-day lives — have the potential to expose your personal data and your online activity to government snooping? How does your mobile device protect your anonymity, and how does it leave your communications vulnerable to interception by the NSA and other intelligence agencies?
Hilton Honors Flaw Exposed All Accounts (KrebsOnSecurity) Hospitality giant Hilton Hotels & Resorts recently started offering Hilton HHonors Awards members 1,000 free awards points to those who agreed to change their passwords for the online service prior to April 1, 2015, when the company said the change would become mandatory. Ironically, that same campaign led to the discovery of a simple yet powerful flaw in the site that let anyone hijack a Hilton Honors account just by knowing or guessing its valid 9-digit Hilton Honors account number
PokerStars Account Hacks Lead to Questions About Site's Security (Flushdraw) For the past few days, discontent has been brewing in the poker community about possible security issues at PokerStars, or at least about how the world's largest poker room handles security issues. It appears that a number of accounts have been hacked and, in turn, drained of funds, but to the dismay of players, the poker room has not been of much help
British Judo in deep shido after cyber attack (Register) Hack possibly bared members' credit card details
Stolen faculty laptop containing student information not yet found, no indication that data has been used (Maine Campus) The University of Maine has reached out to the people affected by the Feb. 10 data breach involving a theft of a faculty member's laptop and media card. The former students affected have been offered identity theft protection from Experian, a cyber protection company
Cyber Trends
2015 Global Megatrends in Cybersecurity (Infosec Island) The Ponemon Institute has published the "2015 Global Megatrends in Cybersecurity". Sponsored by Raytheon Company, the aim of this research is to understand the big trends or changes that will impact the security posture of organizations in both the public and private sector in the next three years
Speed of Tech Change a Threat to Cybersecurity (Wall Street Journal) Companies are having problems adapting to the speed of technological change, continue to use legacy technologies while trying to combat evolving cyberattacks, a report says
The Healthcare Internet of Things: Rewards and Risks (Atlantic Council) The Internet of Things (IoT) of digital, networked technology is quickly moving to the forefront of society, the global economy, and the human experience
IoT technologies emerge to manage connected-device deluge (TechTarget) Deployment of IoT, wearables and connected devices are coming at rates even experts never thought possible and IT must be ready
IT pros are taking action against the insider threat (Help Net Security) 2015 is set to see a huge rise in the number of IT professionals taking action to address insider threat in their organizations. Currently 56% of IT professionals in the US have an insider threat program already in place, and 78% of those remaining, or 34% of the total, are planning to put one in place this year. A further 6% are planning an insider threat program within five years
The High Cost of a Data Breach Data: Do You Have $5M to Lose? (CMS Wire) The average security breach costs between $3 million and $5 million. That's the alarming word from a new report on the importance of cybersecurity on enterprise IT from BDNA, a Mountain View, Calif.-based IT data intelligence provider
France 'particularly fertile ground' for cyber attacks, says security firm (France 24) "There is no such thing as perfect security." The take-home message from a report on the latest cyber threats by world leading internet security firm, FireEye, is hardly reassuring
Bangladesh vulnerable to cyber attacks Ernst & Young says in report (Star Business Report) With the growing use of mobile phones and internet, Bangladesh is ever more vulnerable to cyber attacks, said Burgess Cooper, a partner at Ernst & Young, a global professional services firm headquartered in London
Marketplace
The decade of the data breach — how to cope (Information Age) The worst nightmare that CEOs and their board face today is not an unchecked competitive threat or insufficient market capitalisation, but that of the data breach
Hack Attacks Mean More Cyber Firms Will Go Public (Fiscal Times) Rapid7, LogRhythm and Mimecast are joining a growing list of cybersecurity firms planning to go public in 2015 to capitalize on investor interest following a spate of hacker attacks, according to people familiar with the matter
Raytheon: Rising Cybersecurity Ambitions (Seeking Alpha) Raytheon's increasing emphasis on its cybersecurity segment is a positive sign for the company, as cybersecurity will be more important than ever moving forward
KPMG just added to its acquisition spree, buying out a cyber security company (Business Insider) KPMG has struck a deal to acquire cyber security company First Point Global as it expands its digital advisory business
FireEye Inc: FEYE Stock Could Ignite Soon (Investor Place) After a few weeks of consolidating, FEYE stock now looks ready to rally again
Government reveals plan to make London cyber capital (Post) The UK government today (23 March) unveiled plans to make the London market the cyber risk management capital of the world in a report released in conjunction with broker Marsh
UK Cyber Security: the Role of Insurance in Managing and Mitigating the Risk (HM Government) The cyber threat remains one of the most significant — and growing — risks facing UK business. 81% of large businesses and 60% of small businesses suffered a cyber security breach in the last year, and the average cost of breaches to business has nearly doubled since 2013. Working in partnership, the Government and industry have done much to improve understanding of cyber attacks and how to reduce their impact, yet more needs to be done. As part of this Government's long-term economic plan, we want to make the UK one of the safest places in the world to do business online
7 reasons why Israeli cyber-security will remain hot (Venture Beat) Is Israeli cyber-security worthy of its global reputation? Are the impressive price tags of recent M&As in the field justified? And will the field of cyber-security continue to be a driving force in the Israeli hi-tech ecosystem?
Nation's only IT apprenticeship program fails to attract corporate players (FierceCIO) IT leaders constantly complain about how difficult it is to find IT workers in the job market, so any potential source of new talent would seem to be welcome relief. That hasn't been the case with the nation's only active IT apprentice program, which several months after its launch has yet to attract a single corporate employer
Northrop Wins $74M Task Order for DISA Cyber Program (GovConWire) Northrop Grumman (NYSE: NOC) will continue its cyber defense support for the Defense Information Systems Agency's Acropolis and Sensor Operations program following the award of a four-year, $73.6 million task order
HP Awards $240K for Firefox, IE, Chrome and Safari Exploits (eWeek) No browser was left unscathed. Security researchers poked holes in fully patched browsers at this year's Pwn2Own hacking challenge
Guidance Software Appoints Vice President, Product Marketing and Operations (MarketWatch) Guidance Software, the World Leader in Digital Investigations™, today announced the appointment of Linda Souza in the newly created role of Vice President, Product Marketing and Operations. Ms. Souza leads Guidance Software's worldwide product marketing, program marketing, marketing operations, and content development teams
Products, Services, and Solutions
Huawei, Black Lotus open anti-DDoS centre in Europe (Telecompaper) Huawei announced at Cebit the opening of its European DDoS cloud scrubbing centre. Based in Amsterdam, the centre is run in cooperation with the security company Black Lotus. The two companies first announced their partnership last December
Samsung launches Trustonic security software for Knox (Mobile News) Trustonic software will come embedded in Samsung Galaxy S6 and S6 edge smartphones
Lastline Aims to Stay Ahead of Windows Kernel Malware (eWeek) Lastline announced a new capability to detect Windows kernel malware, complemented by a presentation at South by Southwest on the state of malware
Built-in intelligence for NGFW (IT Online) Firewalls are the first line of any organisation's defences. They are the "sentinels" of the network, standing guard and controlling traffic entering and leaving the network, blocking potentially dangerous or unknown traffic that may threaten the organisation
Etihad Rail UAE: Connected train is approaching — and it cannot be hacked (Emirates 24/7) Robust mobile communications technology will keep rail networks free of hackers: Huawei official
Technologies, Techniques, and Standards
Dark Reading Threat Intelligence Survey (InformationWeek) Threat intelligence is the best way to stay ahead of new and complex attacks, say survey respondents. How analytics influences their IT security strategies varies
Five criteria for purchasing threat intelligence services (TechTarget) Once an organization has determined it is a candidate for threat intelligence services, the next order of business is to select the service that provides the best fit for its needs. Because the threat intelligence services market is still relatively new, however, it's often a challenge to compare service details side by side to get an accurate picture of which offers what
To avoid NSA, Cisco gear gets delivered to strange addresses (IDG via Network World) One of the most successful U.S. National Security Agency spying programs involved intercepting IT equipment en route to customers and modifying it
A CIO's best allies in the fight against 'shadow IT' are the shadow IT vendors (VentureBeat) The term "Shadow IT" can conjure up visions of overwhelmed CIOs frantically trying to keep information repositories secure from online attacks, while their own employees compromise security by brazenly using personal devices and consumer cloud services without IT's permission or even IT's knowledge
Why you shouldn't ignore change auditing (Help Net Security) What are the benefits of using change auditing? What security issues can an organization discover and prevent?
Trumping cybercriminals during tax season: Tips on how to stay safe (Help Net Security) Tax season is stressful for many reasons and April 15 equals a headache for many Americans. In addition to wading through taxes, tax season also opens up a new vector in which cybercriminals can attack. With consumers sending and receiving very personal information over email — one of the weakest links in the cyber security fence — cybercriminals are on high alert, looking for the most opportune moment to strike
Design and Innovation
PC security upgrades a welcome antidote to breaches (Seattle Times) With so much in the news about computer security these days, personal experience says innovations and new developments could be appealing antidotes to the fright that breaches and theft can provoke
Why an algorithm may be the answer to fight 'revenge porn' (Christian Science Monitor: Passcode) Facebook, Reddit, and Twitter have all taken a harder line against so-called revenge porn. But many experts are calling for a more robust technological solution to scrub it from the Web
New Chevy Malibu will come with built-in NSA-style Teen-Tracking Spyware (HackRead) Chevrolet will offer parents an uncanny level of oversight when they need to lend the family ride to their kids with its NSA inspired spying feature that will be installed in its upcoming Malibu
Research and Development
New approach uses 'twisted light' to increase efficiency of quantum cryptography systems (Science Daily) Researchers have developed a way to transfer 2.05 bits per photon by using 'twisted light.' This remarkable achievement is possible because the researchers used the orbital angular momentum of the photons to encode information, rather than the more commonly used polarization of light. The new approach doubles the 1 bit per photon that is possible with current systems that rely on light polarization and could help increase the efficiency of quantum cryptography systems
Stealing Data from Computers Using Heat (Wired) Air-gapped systems, which are isolated from the Internet and are not connected to other systems that are connected to the Internet, are used in situations that demand high security because they make siphoning data from them difficult
Legislation, Policy, and Regulation
WordPress Banned in Pakistan Over National Security Issues (Hack Read) In a shocking decision the government of Pakistan has banned WordPress.com, the world renowned open-source blogging tool and a content management system
Wordpress Blocked In Pakistan (TechCrunch) According to multiple local outlets, WordPress blogs are currently not accessible in Pakistan and pointing the blockage at the Pakistan Telecommunication Authority (PTA). TechCrunch has not been able to confirm that yet. As it stands right now, WordPress.com and blogs hosted by WordPress cannot be reached. Self-hosted WordPress blogs still work
Defence ministry sounds red alert on web spying (Times of India) India's defence establishment has sounded a fresh red alert over the need to ensure physical as well as cyber security of classified information in light of ever-increasing espionage attempts by foreign intelligence agencies, especially from China and Pakistan
House panel releases bill on cyber threat data-sharing (The Hill) A discussion draft of a House Homeland Security Committee bill to give companies legal liability protections when sharing cyber threat data with the Department of Homeland Security (DHS) was released Friday
Here's What a Former NSA Official Thinks About CISA (DCInno) Fresh Off An $18M Raise, Darktrace SVP talks major cybersecurity bill
It's too late to debate metadata (Phys.org) The government can't read your email, but it will be able to find out where you sent it to and from. What has been so frustrating throughout the metadata "debate" is that we have been kept in ignorance as to what it was that the law enforcement agencies actually wanted to retain
The NSA's plan: improve cybersecurity by hacking everyone else (Guardian) The National Security Agency want to be able to hack more people, vacuum up even more of your internet records and have the keys to tech companies' encryption — and, after 18 months of embarrassing inaction from Congress on surveillance reform, the NSA is now lobbying it for more powers, not less
Silicon Valley spars with Obama over 'backdoor' surveillance (The Hill) Silicon Valley and a bipartisan group of lawmakers are lining up against the Obama administration, criticizing what they see as a lack of support for total online privacy
Pentagon wraps up new acquisition rules to protect weapons from cyberattacks (Reuters) The U.S. Defense Department is taking aggressive action to bolster the security of U.S. weapons systems against cyberattacks, including issuing new rules for acquisitions that will be finalized in coming months, officials told Reuters
Litigation, Investigation, and Law Enforcement
UK Police Deem Snowden Leak Investigation a State Secret (Intercept) British police claim a criminal investigation they launched into journalists who have reported on leaked documents from Edward Snowden has to be kept a secret due to a "possibility of increased threat of terrorist activity"
US Threatened Germany Over Snowden, Vice Chancellor Says (Intercept) German Vice Chancellor Sigmar Gabriel said this week in Homburg that the U.S. government threatened to cease sharing intelligence with Germany if Berlin offered asylum to NSA whistleblower Edward Snowden or otherwise arranged for him to travel to that country. "They told us they would stop notifying us of plots and other intelligence matters," Gabriel said
Esma mulls helping in battle against cyber-attack (Financial News) Europe's top market watchdog has said that it may be able to play a critical role in battling cyber-crime, and that further work is needed on national defence programmes
Chicago Police fighting to keep cellphone trackers secret (Chicago Sun-Times) The Chicago Police Department is fighting to keep a lid on how, when and where officers have used covert cellphone tracking systems — with an outside law firm billing the city more than $120,000 to battle a lawsuit that seeks those secret details