Cyber Security News of the Week, February 10, 2013by Fred F. Farkel, Monday, February 11th, 2013
Guest column by Citadel Information Group
Secret Service investigating hack of Bush family e-mails: The Secret Service said Friday that it is investigating the theft of numerous personal e-mails from members of the Bush family, after an apparent hacker leaked the e-mails and Bush family photos to the Smoking Gun’s Web site. The Washington Post, February 8, 2013
Security Firm Bit9 Hacked, Used to Spread Malware: Bit9, a company that provides software and network security services to the U.S. government and at least 30 Fortune 100 firms, has suffered an electronic compromise that cuts to the core of its business: helping clients distinguish known “safe” files from computer viruses and other malicious software. KrebsOnSecurity, February 8, 2013
Crooks Net Millions in Coordinated ATM Heists: Organized cyber criminals stole almost $11 million in two highly coordinated ATM heists in the final days of 2012, KrebsOnSecurity has learned. The events prompted Visa to warn U.S. payment card issuers to be on high-alert for additional ATM cash-out fraud schemes in the New Year.KrebsOnSecurity, February 6, 2013
Federal Reserve Admits It was Briefly Hacked During Super Bowl: Two days after the group Anonymous boasted it had broken into a government Web site and had the data dump to prove it, the U.S. Federal Reserve admitted it was hacked. ThreatPost, February 5, 2013
China cyberspies highlighted by Schmidt book, Post report: Hot on the heels of reports from The New York Times and The Wall Street Journal, another storied U.S. newspaper – The Washington Post – has confirmed that it too was attacked by what it suspects were Chinese hackers. And a new book from Google’s Eric Schmidt reportedly calls the Asian country “the most sophisticated and prolific” hacker of foreign companies. CNet, February 2, 2013
Source: Washington Post Also Broadly Infiltrated By Chinese Hackers in 2012: The Washington Post was among several major U.S. newspapers that spent much of 2012 trying to untangle its newsroom computer networks from a Web of malicious software thought to have been planted by Chinese cyberspies, according to a former information technology employee at the paper. KrebsOnSecurity, February 1, 2013
The Threat of Silence: Meet the groundbreaking new encryption app set to revolutionize privacy and freak out the feds. Slate, February 4, 2013
FTC Endorses New Privacy Guidelines, Do Not Track for Mobile Apps, Devices: Hoping to ramp up privacy on mobile devices such as smartphones and tablets, the Federal Trade Commission (FTC) has released a series of suggestions to help app developers, advertising networks and device companies better protect their users online.ThreatPost, February 4, 2013
New Whitehole Exploit Toolkit Emerges on the Underground Market: IDG News Service – A new exploit kit called Whitehole has emerged on the underground market, providing cybercriminals with one more tool to infect computers with malware over the Web, security researchers from antivirus vendor Trend Micro reported Wednesday. CIO, February 7, 2013
‘Fragmentation’ leaves Android phones vulnerable to hackers, scammers: In late October, researchers at North Carolina State University alerted Google to a security flaw that could let scam artists send phony text messages to Android phones – a practice called “smishing” that can ensnare consumers in fraud. The Washington Post, February 6, 2013
Android malware emerges on Google Play which installs a trojan on your PC, uses your microphone to record you: We’ve seen malware for PCs that infects mobile devices, but it turns out there’s also malware for mobile devices designed to infect PCs. Kaspersky researchers have discovered a new piece of Android malware that masquerades as a “cleaner” app meant to free memory for Google’s operating system but wreaks havoc on your smartphone in the background and on Microsoft’s operating system when it’s connected to a PC. TNW, February 3, 2013
Pro-Grade Point-of-Sale Skimmer: Every so often, the sophistication of the technology being built into credit card skimmers amazes even the experts who are accustomed to studying such crimeware. This post focuses on one such example – images from one of several compromised point-of-sale devices that used Bluetooth technology to send the stolen data to the fraudsters wirelessly. KrebsOnSecurity, February 1, 2013
Cyber Security Management
Ex-Employees Say It’s OK To Take Corporate Data With Them: New Symantec survey finds nearly 70 percent of employees who recently left or were fired from their job say their organizations don’t prevent them from using confidential info. DarkReading, February 7, 2013
More Executives Worry About Cyberattacks, Study Says: More corporate executives are concerned about cyberattacks and data breaches than property damage and investment risk, according to a survey commissioned by insurer American International Group Inc. The Wall Street Journal, February 6, 2013
Calling general counsel to the front lines of cybersecurity: As President Barack Obama studies how the U.S. military should respond to an increasing number of cyber attacks against public and private institutions, general counsel would be wise to examine their own companies’ situations. Daily Report, February 6, 2013
Backup Databases: The Data Security Achilles’ Heel: The same sensitive information on production databases resides on backups – protect them accordingly. Dr. Stahl is quoted in this story. DarkReading, February 5, 2013
Cyber Security Management – Cyber Update
Barracuda Issues Security Update, Apologizes To Customers: Barracuda Networks Monday issued a product update designed to address some of the security vulnerabilities that have been identified in some of its appliances, as well as a mea culpa for building hardcoded, undocumented backdoors into its products.InformationWeek, February 7, 2013
Critical Flash Player Update Fixes 2 Zero-Days: Adobe today pushed out an emergency update that fixes at least two zero-day vulnerabilities in its ubiquitous Flash Player software – flaws that attackers are already exploiting to break into systems. Interestingly, Adobe warns that one of the exploits in use is designed to drop malware on both Windows and Mac OS X systems. KrebsOnSecurity, February 7, 2013
Critical Java Update Fixes 50 Security Holes: Oracle Corp. has issued an update for its Java SE software that plugs at least 50 security holes in the software, including one the company said was actively being exploited in the wild. KrebsOnSecurity, February 3, 2013
Cyber Security Management – Cyber Defense
The Dreaded Captcha: Beginning Of The End?: If those all-but-impossible-to-read Captchas disappeared tomorrow, would anyone lament their demise?InformationWeek, February 1, 2013
Cyber Security Management – Payment Card Industry
PCI Council Releases Guidelines for Cloud Compliance: CIO – Cloud providers and cloud customers now have a roadmap that defines their security responsibilities in the cloud.CIO, February 7, 2013
Cyber Security Management – HIPAA
Blood Bank with Big Breach Settles with the FTC: CBR Systems Inc., a cord blood bank vendor, has settled with the Federal Trade Commission and agreed to a proposed consent order to improve its information security practices following a major breach of protected health information in December 2010. HealthDataManagement, January 30, 2013
Cyber Security Management – Critical Infrastructure
We need a cybersecurity policy: Reports are that the latest round of cyber-attacks have been aimed at large media outlets like the New York Times, Wall Street Journal and Washington Post. Before media, large banks and other financial institutions were being targeted. Before the financial industry, it was something else. All the while, the U.S. government is under constant bombardment from potential cyber threats probing for weaknesses. NetworkWorld, February 4, 2013
Microsoft, Symantec Hijack ‘Bamital’ Botnet: Microsoft and Symantec said Wednesday that have teamed up to seize control over the “Bamital” botnet, a multi-million dollar crime machine that used malicious software to hijack search results. The two companies are now using that control to alert hundreds of thousands of users whose PCs remain infected with the malware. KrebsOnSecurity, February 7, 2013
Securing the Village
NIST Seeks Comments to Final Public Draft of Major Federal Cybersecurity Document:The National Institute of Standards and Technology (NIST) is requesting comments on the final public draft of Security and Privacy Controls for Federal Information Systems and Organizations, Special Publication (SP)800-53, Revision 4. The document, two years in the making, is the latest revision to a document that is considered the principal catalog of security safeguards and countermeasures that federal agencies use to protect their information and information systems. NIST, February 6, 2013
Flaw Flood Busts Bug Bank: The Common Vulnerability & Exposures (CVE) index, the industry standard for cataloging software security flaws, is growing so rapidly that it will soon be adding a few more notches to its belt: The CVE said it plans to allow for up to 100 times more individual vulnerabilities to be indexed each year to accommodate an increasing number of software flaw reports. KrebsOnSecurity, February 4, 2013
National Cyber Security
Department of Energy Compromised in Sophisticated Attack: Hackers targeted and compromised computer networks at United States Department of Energy headquarters in Washington DC two weeks ago, according to a report published by the Washington Free Beacon earlier this morning. ThreatPost, February 4, 2013
Broad Powers Seen for Obama in Cyberstrikes: WASHINGTON – A secret legal review on the use of America’s growing arsenal of cyberweapons has concluded that President Obama has the broad power to order a pre-emptive strike if the United States detects credible evidence of a major digital attack looming from abroad, according to officials involved in the review. The New York Times, February 3, 2013
Cyber Attacks on Press Reveal Gap in US Diplomacy: On January 30, The New York Times reported that it had been under sustained cyber attacks from Chinese hackers who had infiltrated their system to steal login credentials and information from its reporters and employees. The Times noted that the attacks coincided with its coverage concerning the massive financial holdings of relatives of China’s prime minister, Wen Jiabao, and continued for months. Using tactics similar to those previously attributed by security experts to the Chinese military, the attackers weaved their communications through U.S. university systems in an attempt to mask their origin. One day later, The Wall Street Journal reported that its computer systems also have been subjected to “”wide-ranging electronic surveillance” by Chinese attackers in an attempt to gain intelligence on the publication’s coverage of Chinese issues. The articles revealed that Bloomberg LP and Thomson Reuters PLC have acknowledged that they, too, have suffered attacks, but they have not indicated who may have been behind them. Forbes, February 1, 2013
Securing the Village-Events Calendar
Cloud Security Alliance – Los Angeles Chapter; February 13, 2013: “Can encryption help alleviate concerns about moving to the cloud?” For more information and to register, go to meetup.com/LASC-CSA/.
ISSA-LA February Lunch Meeting; February 20, 2013. Bring your CFO to Work Day: 5 Tips for Optimizing the InfoSec/ Finance Relationship. For more information and to register, visit ISSA-LA.
ISSA-Ventura County February Dinner Meeting; February 21, 2013: Dr. Stan Stahl, Citadel and ISSA-LA President, will speak at the monthly meeting of the Ventura County ISSA Chapter. The meeting is held at Cal Lutheran University. For more information please contact email@example.com or call 805-876-4229.
ISSA-LA March Dinner Meeting; March 20, 2013. For more information and to register, visit ISSA-LA.
NAWBO Ventura County March Dinner Meeting, March 22, 2013: Citadel Vice President Ms. Kimberly Pease, CISSP, will speak on cybersecurity at the monthly meeting of the Ventura County Chapter of the National Association of Women Business Owners. In her talk The Growing Cyber Threat: Why the Bad Guys are Winning!, Kimberly will identify threats to information and computers, review common weaknesses being exploited by the bad guys and offer proactive steps you can take at business and at home to increase your security posture and decrease your exposure.
ISSA-LA April Lunch Meeting; April 17, 2013. For more information and to register, visit ISSA-LA.
Santa Monica Rotary Club; Lunch Meeting, May 3, 2013: Dr. Stan Stahl, Citadel and ISSA-LA President, will speak on cybersecurity at the weekly meeting of the Santa Monica Rotary Club. In this non-technical talk – It Takes the Village to Secure the Village SM – Dr. Stahl discusses the financial implications of cyber crime, illustrates how cyber criminals take control of a user’s computer, describes the limitations of technology, summarizes emerging cyber security laws, regulations and practices, and provides practical tips to lower the risk of becoming a victim.
ISSA-LA Fifth Annual Information Security Summit; May 21, 2013: Join over 500 of your colleagues and peers at the Universal City Hilton. Special Keynote Speaker: Howard Schmidt, former White House CyberSecurity Coordinator. For more information and to register, visit ISSA-LA. Special Early-Bird pricing until March 1.
Citadel Information Group … Delivering Information Peace of Mind ® to Business and the Not-for-Profit Community
The IT Summit would like to thank Citadel Information Group for allowing us to provide this information to you.