Monday, April 29, 2013

Cyber Security News for the Week of April 29, 2013

Cyber Security News of the Week
From our friends at Citadel Information Group

Cyber Crime

Cyberattackers hack into LivingSocial, 50 million customers impacted: LivingSocial, the daily deals site owned in part by Amazon, has suffered a massive cyberattack on its computer systems, according to officials at the company. USA Today, April 26, 2013

Sources: Tea Leaves Say Breach at Teavana: Multiple sources in law enforcement and the financial community are warning about a possible credit and debit card breach at Teavana, a nationwide tea products retailer. Seattle-based coffee giant Starbucks, which acquired Teavana late last year, declined to confirm a breach at Teavana, saying only that the company is currently responding to inquiries from card-issuing banks and credit card brands. KrebsOnSecurity, April 22, 2013

Cyber Attack

Hackers compromise AP Twitter account: Hackers compromised Twitter accounts of The Associated Press on Tuesday, sending out a false tweet about an attack at the White House. CBS News, April 23, 2013

Syria's pro-Assad hackers are hijacking high-profile Twitter feeds: The Syrian Electronic Army, an informal network of hackers who wage cyberwar in support of the Syrian government and President Bashar al-Assad, have found yet another way to harass Western Web users. Hackers identifying as part of the Syrian Electronic Army have hijacked a series of Twitter feeds over the last few weeks. The targeted feeds tend to be associated with Western organizations, particularly ones that somehow cover Syria. The Washington Post, April 22, 2013

Cyber Underworld

BRAZEN CRIMEWARE MARKETING BRANCHES OUT TO SOCIAL NETWORKS: The secrecy of underground forums where financial malware and crimeware kits are traded is well guarded, to the point that few are able to penetrate them without some kind of internal sponsor. Here, criminals value their privacy as much as those from whom they steal. ThreatPost, April 26, 2013

MALWARE C&C SERVERS FOUND IN 184 COUNTRIES: In an attempt to better evade detection, cybercriminals are increasingly configuring their command and control infrastructure in such a way that initial malware callbacks communicate with a server located in the same country as the newly infected machines. ThreatPost, April 23, 2013

Cyber Warning

Hackers increasingly target shared Web hosting servers for use in mass phishing attacks: Cybercriminals increasingly hack into shared Web hosting servers in order to use the domains hosted on them in large phishing campaigns, according to a report from the Anti-Phishing Working Group (APWG). ThreatPost, April 26, 2013

VULNERABILITY IN VIBER FOR ANDROID ENABLES LOCK SCREEN BYPASS: Another day, another smartphone lock screen bypass vulnerability. ThreatPost, April 25, 2013

FireEye Finds Gh0stRAT Cyberespionage Campaigns Continue: Many advanced persistent threat attacks use the malware, believed to have been developed in China. CIO, April 24, 2013

Researcher's Serial Port Scans Find More Than 100,000 Hackable Devices, Including Traffic Lights And Fuel Pumps: You probably remember serial ports as the ancient nine-pin plugs you once used to hook up your mouse or joystick to your computer in the pre-USB dark ages. But tracking down devices that still use serial port connections isn't so hard, it seems. In fact, according to H.D. Moore, any hacker can find, and tamper with, more than 100,000 of them over the Internet, including critical systems ranging from traffic lights to fuel pumps to building heating and cooling systems to retail point-of-sale devices. Forbes, April 23, 2013

JAVA SANDBOX BYPASS DISCOVERED THAT BREAKS LATEST UPDATE: Optimism and praise followed last week's Java critical patch update. Oracle not only patched 42 vulnerabilities in the Java browser plug-in, but also added new code-signing restrictions and new prompts warning users when applets are potentially malicious. It took less than a week, however, to deflate any good will toward Java that resulted. ThreatPost, April 23, 2013

New Malware Hijacks Twitter Accounts for Financial Fraud: Cyber criminals are always looking for new ways to avoid detection, escape cyber sleuths, and carry out their cyber crimes. So it shouldn't be surprising that malicious hackers are now taking advantage of social media. A newly discovered malware, designed to gain access to users' banking credentials, uses Twitter to spread itself and reach more victims. Mashable, April 22, 2013

Cyber Threat

Businesses Face Growing Threat From Hackers: With government scrambling to fight cyber threats, the private sector sees a growing need to protect itself. US News and World Report, April 26, 2013

New Research Shows Remote Users Expose Companies To Cybercrime: BROOMFIELD, Colo., April 23, 2013 /PRNewswire/ - Results of new remote access security research show half of companies with a remote workforce had their websites compromised in 2012, over a third had passwords hacked, and twice as many companies with remote users were victims of SQL injection attacks. DarkReading, April 23, 2013

Hacktivists Change Tactics From Data Breaches to Disruption: Verizon: The amount of data hacktivists stole plunged in 2012 as politically motivated hackers focused more on DDoS, but state-sponsored attackers and cyber-crooks picked up the slack. eWeek, April 23, 2013

Cybercrime's easiest prey: Small businesses: A data breach investigations report from Verizon (VZ, Fortune 500), released Tuesday, showed that small businesses continue to be the most victimized of all companies. CNN, April 23, 2013

Report: DDoS Attacks Getting Bigger, Faster Than Ever: Distributed denial-of-service (DDoS) attacks are steadily increasing in size and speed, creating new problems for enterprise defenses, according to a study published today. DarkReading, April 22, 2013

Online Bank Fraud

Lawsuits Bring Clarity To SMBs In Corporate Account Takeovers: Small businesses have had millions of dollars stolen from their accounts by online thieves; court cases have started creating a clear picture of responsibilities. DarkReading, April 22, 2013

Cyber Security Management - Cyber Defense

Tech Insight: Time To Set Up That Honeypot: Many companies are simply doing security wrong. While they might have perimeter security nailed down, they are probably failing at securing their workstations from insider abuse or have no true visibility as to what's going on within their internal networks. DarkReading, April 26, 2013

Social engineering in penetration tests: 6 tips for ethical (and legal) use: Social engineering techniques are often crucial to executing penetration tests. But which methods cross the ethical line, or even venture into the dangerous territory of the illegal? CSO, April 23, 2013

Cyber Security Management

Many Hacked Businesses Remain Unprepared For The Next Breach: New Ponemon report finds three-fourths of hacked organizations either have had or expect to have a breach that loses them customers and business partners. DarkReading, April 24, 2013

Cyber Privacy

It's privacy versus cybersecurity as CISPA bill arrives in Senate: Cybersecurity and online privacy are two critical interests that seem destined never to get along. Sure, you want malicious hackers, spammers, and other Internet lowlifes brought to justice, but you also want to protect your online data. PC World, April 25, 2013

IN FOCUS: The Directive: In this Q&A, Timothy Toohey, CIPP/US, CIPP/E, of Snell & Wilmer, discusses the tensions and controversies within the proposed EU data protection regulation. IAPP, April 22, 2013

Securing The Village

GOOGLE JOINS FIDO ALLIANCE EFFORT TO MOVE BEYOND PASSWORDS: Google, which gradually has been moving its users away from using passwords as their main form of authentication for Web services, has joined a young organization whose goal is to phase out passwords and replace them with various forms of strong authentication. The FIDO Alliance, formed last year, is working to make two-factor authentication the default mechanism for authentication through the establishment of an open standard for strong authentication. ThreatPost, April 26, 2013

National Cyber Security

EXECUTIVE ORDER EXPANDS WARRANTLESS NETWORK MONITORING TO INCLUDE CRITICAL INFRASTRUCTURE: A little-known policy through which the Departments of Justice, Defense, and Homeland Security offered prosecutorial immunity to companies that helped the U.S. military monitor Internet traffic on the private networks of defense contractors has reportedly been expanded by Executive Order to include a score of other "critical infrastructure" industries, according to information obtained as part of a Freedom of Information Act lawsuit filed by the Electronic Privacy Information Center (EPIC). ThreatPost, April 25, 2013

U.S. and China Put Focus on Cybersecurity: BEIJING - The United States and China held their highest-level military talks in nearly two years on Monday, with a senior Chinese general pledging to work with the United States on cybersecurity because the consequences of a major cyberattack "may be as serious as a nuclear bomb." The New York Times, April 22, 2013

Stuxnet and the Dawn of Algorithmic Warfare: Though autonomous, destructive robots are a long-time, hackneyed science fiction plot, for some time, this new kind of warfare has been shifting from yesterday's movie to today's reality. But unforeseen by the imaginations of both headline and science fiction writers, it was not a missile-laden drone or humanoid Terminator that introduced this new kind of combat, but a piece of software. Stuxnet, part of the "Olympic Games" covert assault by the United States and Israel on Iranian nuclear capability, appears to be the first autonomous weapon with an algorithm, not a human hand, pulling the trigger. While the technology behind Stuxnet or other autonomous weapons is impressive, there has been little or no ethical debate on how (or indeed whether) such weapons should be used. ACUS, April 17, 2013

Cyber Law

Finding Common Threads in Privacy and Information Security Laws: The sheer number and variety of laws and regulations that can apply to even small businesses handling sensitive information can be daunting, if not overwhelming. In some instances, it may be almost impossible for even a large, sophisticated organization to identify all applicable laws, reconcile inconsistencies, and then implement a compliance program. In this discussion, the goal is not to discuss any specific laws or regulations, but to identify three common threads that run through many of them. By understanding those common threads, businesses can more easily understand their baseline compliance obligations. CSO, April 26, 2013

Cyber Survey

VERIZON DBIR TAKES FIRST DEEP DIVE INTO CYBERESPIONAGE: Targeted cyberespionage attacks have dominated discussions within the security community and outside of it from the mainstream media to the halls of the executive and legislative branches of government. But until now, discussions about attacks stemming from China that target intellectual property from engineering, manufacturing and military interests in the United States, have been anecdotal and one-off analyses of specific breaches. ThreatPost, April 22, 2013

No 'One Size Fits All' In Data Breaches, New Verizon Report Finds: Verizon Data Breach Investigations Report 2013 says financial cybercrime accounts for three-fourths of real-world breaches, followed by cyberespionage in one-fifth of breaches. DarkReading, April 22, 2013

One in five data breaches are the result of cyberespionage, Verizon says: IDG News Service - Even though the majority of data breaches continue to be the result of financially motivated cybercriminal attacks, cyberespionage activities are also responsible for a significant number of data theft incidents, according to a report that will be released Tuesday by Verizon. CIO, April 22, 2013

Cyber Sunshine

Dutchman Arrested in Spamhaus DDoS: A 35-year-old Dutchman thought to be responsible for launching what's been called "the largest publicly announced online attack in the history of the Internet" was arrested in Barcelona on Thursday by Spanish authorities. The man, identified by Dutch prosecutors only as "SK," was being held after a European warrant was issued for his arrest in connection with a series of massive online attacks last month against Spamhaus, an anti-spam organization. KrebsOnSecurity, April 26, 2013

Leadership

Is It Okay to Show Vulnerability?: Leaders should show a sense of vulnerability. Forbes, April 23, 2013

Securing the Village - Events Calendar

Santa Monica Rotary Club; Lunch Meeting, May 3, 2013: Dr. Stan Stahl, Citadel and ISSA-LA President, will speak on cybersecurity at the weekly meeting of the Santa Monica Rotary Club. In this non-technical talk, It Takes the Village to Secure the Village SM, Dr. Stahl discusses the financial implications of cyber crime, illustrates how cyber criminals take control of a user's computer, describes the limitations of technology, summarizes emerging cyber security laws, regulations and practices, and provides practical tips to lower the risk of becoming a victim.

ISSA-LA Fifth Annual Information Security Summit; May 21, 2013: Join 800 of your colleagues and peers at the Universal City Hilton. Special Keynote Speaker: Howard Schmidt, former White House CyberSecurity Coordinator. For more information and to register, visit ISSA-LA.

SecurityRecruiter.com's Security Recruiter Blog