Monday, December 24, 2012

Cyber Security News for the Week of December 24, 2012

From our friends at Citadel Information Group

Cyber Warning
Ransomware Extortion Scam Locks Machines, Demands Payment: The latest ransomware scam is locking down infected machines and displaying localized webpages warning users that their computer contains "banned material" and won't be unlocked until a fine is paid, according to a report from McAfee's Naganathan Jawahar. ThreatPost, December 21, 2012

Shocking Delay in Fixing Adobe Shockwave Bug: The Department of Homeland Security's U.S. Computer Emergency Readiness Team (US-CERT) is warning about a dangerous security hole in Adobe's Shockwave Player that could be used to silently install malicious code. The truly shocking aspect of this bug? U.S. CERT first warned Adobe about the vulnerability in October 2010, and Adobe says it won't be fixing it until February 2013. KrebsOnSecurity, December 19, 2012

Malware-Infested Sudoku Puzzles Researchers: A "blast from the past" surfaced recently among those who play Microsoft Excel-based Sudoku puzzles: malware spread by macros. ThreatPost, December 19, 2012

New Apache Exploit Doling Out Zeus, Sweet Orange Exploit Kit: UPDATE - A new Apache module, Linux/Chapro.A, is making the rounds, injecting malicious content including a popular Zeus variant into web pages. ThreatPost, December 19, 2012

It was inevitable: Malware-infested PowerPoint exploits Mayan Doomsday fears: It was bound to happen. I'm just surprised we haven't seen more of it up to this point. CSO, December 19, 2012

US-CERT Warns of Adobe Shockwave Xtras Vulnerabilities: UPDATE - US-CERT issued advisories against a trio of Adobe Shockwave vulnerabilities that could allow an attacker to remotely execute code on systems running the vulnerable media player. ThreatPost, December 19, 2012

Cyber Update
VMware Patches Directory Traversal Vulnerability in View Server and Security Server: Virtualization vendor VMware has patched a critical vulnerability in its VMware View desktop virtualization product that could have led to a directory traversal attack and an attacker reading or downloading files without the need for authentication. ThreatPost, December 19, 2012

Cyber Privacy
FTC Demands Companies Disclose How They Gather, Use Consumer Data: The Federal Trade Commission Tuesday demanded nine data brokerage companies turn over details on how they collect and use consumer information as part of an inquiry into the industry's business practices. ThreatPost, December 18, 2012

CyberSecurity Management
Are Cloud Providers Absentee Landlords On Cybersecurity?: Would you trust your sensitive corporate data in the hands of a stranger? Recent Amazon and Apple iCloud experiences tell us that cloud security across the board needs to be enhanced now, not later. Taking a look at and understanding the security strategies and responsibilities of both cloud providers and customers can help prevent further failures. Guest Post by Marc Maiffret. Forbes, December 21, 2012

It's time to start patching the Human OS: SANS' Lance Spitzner wonders why we invest so much each year in security technologies but still fail to patch the most vulnerable element of all - the Human OS. Computers and mobile devices store, process and transfer highly valuable information. As a result, your organization most likely invests a great deal in protecting them. Protect the end point and you protect the information. Humans also store, process and transfer information - people are in many ways nothing more than another operating system, the Human OS. CSO Security Leadership, December 19, 2012

CyberSecurity Management - HIPAA
Taking Healthcare IT Seriously Demands Culture Changes: Healthcare is moving cautiously into cloud computing, virtualization, BYOD and other IT innovations. And there's good reason for the caution. Until an organization's IT leaders take meaningful steps to change what's typically seen as a lackadaisical privacy and security culture, the risk of patient-information loss remains high and costly. CIO, December 19, 2012

CyberSecurity Management - Cyber Defense
How Hackers Protect Themselves From Getting Hacked: When Adrian Lamo goes online, he leaves nothing to chance. To log in to personal accounts, he uses a digital password generator - a plastic key chain-like device that displays a new string of digits every 60 seconds. He adds an extra layer of security to some accounts by entering a special code that he receives via text message. And he uses browser extensions to avoid downloading malware by accidentally visiting dangerous Web sites. Huffington Post, December 20, 2012

CyberSecurity Management - Critical Infrastructure
Poor SCADA Security Will Keep Attackers and Researchers Busy in 2013: An increasing number of vulnerability researchers will focus their attention on industrial control systems (ICS) in the year to come, but so will cyberattackers, security experts believe. CIO, December 21, 2012

Long Shadow Of Stuxnet Inspires Custom Anti-Malware Project: Another sign of how Stuxnet is reshaping the SCADA security world: One major global supplier and integrator in offshore drilling, subsea, and merchant marine operations pushed for the creation of a custom malware protection solution that better fits operationally sensitive critical infrastructure environments. Dark Reading, December 13, 2012

Cyber Misc
Britain Declines To Prosecute Alleged NASA Hacker: The British government has declined to prosecute Gary McKinnon, 46, who had been accused of perpetrating "the biggest military computer hack of all time." As a result, more than a decade after the alleged crimes occurred, McKinnon is now a free man. Information Week, December 17, 2012

5 tips to retain great security talent: You want the best on your security team. And once you've got them, you want to keep them happy and keep them in your organization. CSO Online, December 17, 2012

The 6 People You Need in Your Corner: Nothing incredible is accomplished alone. You need others to help you, and you need to help others. With the right team, you can form a web of connections to make the seemingly impossible practically inevitable. Forbes, December 17, 2012

National Cyber Security
Report: U.S., Israel Fingered In Latest Data-Annihilation Attack: Remember that rudimentary data-wiping malware found on a few computers in Iran this month? Most security experts pegged it as a simple, unsophisticated copycat of more sophisticated data-destruction malware attacks. But in the latest twist, Industrial Safety and Security Source reported this week that the malware was courtesy of a U.S.-Israel attack, citing unnamed CIA sources who also say the attacks preceded the August Shamoon attack that hit Saudi Aramco and Iran's oil ministry. Dark Reading, December 21, 2012

Securing the Village-Events Calendar
Cloud Security Alliance-LA January Dinner Meeting; January 9, 2013. For more information and to register, go to

ISSA-LA January Lunch Meeting; January 16, 2013. Topic: Physical Access for IT Professionals: What you don't know could already be hurting you. Speaker: Terry Gold. Visit ISSA-LA.ORG for more information and to register.

OWASP-LA Monthly Dinner Meeting; January 23, 2013. For more information and to register, go to

ISC2-LA February Meeting; February 5, 2013: Email Bill Zajac at for more information.

ISSA-LA February Lunch Meeting; February 20, 2013.

ISSA-LA March Dinner Meeting; March 20, 2013.

Santa Monica Rotary Club; May 3, 2013: Dr. Stan Stahl, Citadel and ISSA-LA President, will speak on cybersecurity at the weekly meeting of the Santa Monica Rotary Club. In this non-technical talk - It Takes the Village to Secure the Village℠ - Dr. Stahl discusses the financial implications of cyber crime, illustrates how cyber criminals take control of a user's computer, describes the limitations of technology, summarizes emerging cyber security laws, regulations and practices, and provides practical tips to lower the risk of becoming a victim.

ISSA-LA Fifth Annual Information Security Summit; May 21, 2013: SAVE THE DATE. Join over 500 of your colleagues and peers at the Universal City Hilton. Special Keynote Speaker: Howard Schmidt, former White House CyberSecurity Coordinator.