Monday, July 20, 2015

Cyber Security News and Education for the Week of July 20, 2015





Cyber Crime

CVS, Walmart: More Third-Party Breaches?: A possible payments breach at a third-party vendor used by CVS and Walmart Canada to manage their online photo services highlights why vendor management is a critical security issue. BankInfoSecurity, July 17, 2015

Cyber Privacy

Google Exec Turned Obama Official Won’t Describe Magic Solution to Encryption Debate: According to Alan Davidson, former Google executive turned Commerce Department official, strong encryption and law enforcement interests are not “irreconcilable.” But he won’t speculate as to how that’s possible. TheIntercept, July 15, 2015

Identity Theft

UCLA Health System hit by cyber attack affecting 4.5 million patients: In another high-profile data breach, hackers broke into UCLA Health System’s computer network and may have accessed sensitive information on as many as 4.5 million patients. Citadel’s Dr. Stan Stahl interviewed by NBC4 Reporter Ted Chen. NBC4 Video, July 17, 2015
Federal personnel files still very vulnerable and ‘prime targets’ for hackers, audit finds: An audit due out Friday found 3,000 “critical” and “high-risk” vulnerabilities in three key bureaus at the Interior Department, the agency hosting the hacked personnel files of 4.2 million federal employees. The Washington Post, July 16, 2015

Cyber Warning

Hacking Team’s malware uses a UEFI rootkit to survive operating system reinstalls: The feature allows the company’s software to persist even if the hard disk drive is replaced. PCWorld, July 14, 2015
Mozilla Blocks Flash Player on Firefox: Mozilla has blocked all versions of Adobe Flash Player in its Firefox browser after a recent breach left Flash vulnerable to attack. PC Magazine, July 14, 2015
Third Hacking Team Flash Zero-Day Found: For the third time in a week, researchers have discovered a zero-day vulnerability in Adobe’s Flash Player browser plugin. Like the previous two discoveries, this one came to light only after hackers dumped online huge troves of documents stolen from Hacking Team — an Italian security firm that sells software exploits to governments around the world. KrebsOnSecurity, July 13, 2015

Cyber Security Management

Why Cybersecurity Leadership Must Start At The Top: If the past year has shown us anything, it’s that companies should no longer ask if they are going to be hacked and instead when. With every company becoming digital, the pace of change is only accelerating and our ability to make the right decisions on cybersecurity needs to move even faster. Some estimate that between $9 and $21 trillion of global economic value creation could be at risk if companies and governments are unable to successfully combat cyber threats. Forbes, July 13, 2015
The CSA is the new VIP of information security: In the piece I wrote in December (“What the Sony breach means for security in 2015”), I noted that while a good CISO is important; great security architects are critical. While a CISO may get the glory; security architects are what most organizations need. CSO, July 9, 2015
2015 State of Cybercrime: Enterprise fight is stuck in stall: The year of cybercrime since our most recent US State of Cybercrime Survey has been nothing less than stunning. There were the Home Depot and JP Morgan Chase data breaches, the Sony Pictures fiasco, and most recently the devastating breach at the US Office of Personnel Management (OPM) that appears to be worse than first believed. CSO, July 9, 2015
Inside the Sony Hack: A cyber-invasion brought Sony Pictures to its knees and terrified corporate America. The story of what really happened—and why Sony should have seen it coming. A special three-part investigation. Fortune, July 2015

Cyber Security Management – Cyber Defense

Facebook info security chief: ‘Death to Adobe Flash’: The social network’s Internet protection provocateur is wasting no time in his new post. He wants this buggy software condemned to death. Fortune, July 14, 2015
Apple Introduces Revamped Two-Factor Authentication for iOS 9 and OS X El Capitan: With the third betas of iOS 9 and OS X 10.11 El Capitan, Apple is introducing a revamped two-factor authentication system, according to both the beta release notes and a detailed support FAQ that outlines the changes. MacRumors, July 8, 2015

Cyber Security Management – Cyber Update

Adobe, MS, Oracle Push Critical Security Fixes: This being the second Tuesday of the month, it’s officially Patch Tuesday. But it’s not just Microsoft Windows users who need to update today: Adobe has released fixes for several products, including a Flash Player bundle that patches two vulnerabilities for which exploit code is available online. Separately, Oracle issued a critical patch update that plugs more than two dozen security holes in Java. KrebsOnSecurity, July 15, 2015

National Cyber Security

Cybersecurity task force looks to next administration: A group of former feds and industry experts are getting together to ensure major cybersecurity initiatives don’t fall through the cracks as more candidates pile into the 2016 race and Washington prepares for a transition in leadership. FederalTimes, July 16, 2015
Senator Sasse: The OPM Hack May Have Given China a Spy Recruiting Database: As a newly elected Senator, I am here to tell you a hard truth: Washington does not take cybersecurity seriously. Wired, July 9, 2015

Cyber Underworld

The Darkode Cybercrime Forum, Up Close: By now, many of you loyal KrebsOnSecurity readers have seen stories in the mainstream press about the coordinated global law enforcement takedown of Darkodeme, an English-language cybercrime forum that served as a breeding ground for botnets, malware and just about every other form of virtual badness. This post is an attempt to distill several years’ worth of lurking on this forum into a narrative that hopefully sheds light on the individuals apprehended in this sting and the cybercrime forum scene in general. KrebsOnSecurity, July 15, 2015
Darkode Shutdown: FireEye Intern Accused Of Creating $65,000 Android Malware: One of the more successful English-speaking cybercrime forums, Darkode, was shut down today and 28 arrests of individuals linked to the site made across the world, the FBI and Europol confirmed this morning. Charges were filed in the US against 12 individuals. They included the apparent Darkode creator, 27-year-old Wisconsin resident Daniel Placek, an alleged admin, Swedish 27-year-old Johan Anders Gudmunds, and the accused creator of Facebook Spreader, malware designed to ensnare users of the social network into a massive botnet – a network of infected machines. Forbes, July 15, 2015
Hacking Team Used Spammer Tricks to Resurrect Spy Network: Last week, hacktivists posted online 400 GB worth of internal emails, documents and other data stolen from Hacking Team, an Italian security firm that has earned the ire of privacy and civil liberties groups for selling spy software to governments worldwide. New analysis of the leaked Hacking Team emails suggests that in 2013 the company used techniques perfected by spammers to hijack Internet address space from a spammer-friendly Internet service provider in a bid to regain control over a spy network it apparently had set up for the Italian National Military Police. KrebsOnSecurity, July 13, 2015

Cyber Career

A closer look at the Certified Information Security Manager certification: The Certified Information Security Manager certification has been around for over a decade now, and it’s only grown in prominence. What makes the ISACA CISM so important and how does it compare to its peers? SearchSecurity, July 2015

Cyber Misc

United Airlines pays researcher bug bounty of 1M air miles: Security researcher Jordan Wiens will be flying after submitting a security flaw to the United Airlines bug bounty program, launched in May, and receiving one million air miles as a reward. SCMagazine, July 14, 2015
Beware Cybersecurity Charlatanism: As cybersecurity intersects with big money, rhetoric, mudslinging, and fallacies will add further confusion to an already muddled market. NetworkWorld, July 7, 2015
Argentina Rewards Programmer Who Exposed E-Voting Vulnerabilities With A Complimentary Home Police Raid: An Argentinian programmer who was trying to do a good thing in exposing severe vulnerabilities in the country’s e-voting system was rewarded for his actions — with a police raid on his home. According to Argentinian news outlet La Nación, Joaquín Sorianello informed MSA, the company that makes the e-voting system, that the SSL certificates used by the system to encrypt transmissions between the voting stations and the central election office could be easily downloaded, allowing for potential voting fraud (or just a good old-fashioned DDOS attack). TechDirt, July 7, 2015

Cyber Sunshine

Darkode bust: Feds shutter ‘cyber hornet’s nest of criminal hackers’ (+video): Federal investigators have seized and shut down Darkode, the largest English-speaking malware forum in the world. Christian Science Monitor, July 15, 2015
ID Theft Service Proprietor Gets 13 Years: A Vietnamese man who ran an online identity theft service that sold access to Social Security numbers and other personal information on more than 200 million Americans has been sentenced to 13 years in a U.S. prison. KrebsOnSecurity, July 15, 2015