This section features topical, current news items of interest to the international security community. These articles and highlights are selected from various popular science and security magazines, newspapers, and online sources.
Note:
Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to SoS.Project (at) SecureDataBank.net for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.
"Only 100 cybercrime brains worldwide says Europol boss", BBC News, 10 October 2014. Head of Europol's Cyber Crime Center, Troels Oerting, advises law enforcement to focus on the relatively small number of true cybercriminals. Of only about 100 cybercriminal kingpins, Oerting says that a large number originate from Russian-speaking countries. (ID# 14-70000) See http://www.bbc.com/news/technology-29567782
"Criminals use Tyupkin Malware to empty ATMs of cash", PC Magazine Security Watch, 12 October 2014. ATMs across Russia, Europe, United States, India, and China have been infected with malware that allows attackers to drain cash from infected machines. Kaspersky Lab researchers report that the Tyupkin malware, which infects ATMs via bootable CDs, was only active in the late hours of Sundays and Mondays, in order to evade detection. (ID# 14-70001) See http://securitywatch.pcmag.com/malware/328362-criminals-use-tyupkin-malware-to-empty-atms-of-cash
"Russian 'Sandworm' hack has been spying on foreign governments for years", Wired, 14 October 2014. A cyberespionage campaign has been dubbed "Sandworm", and is believed to have targeted government, energy and telecommunication companies, and defense entities since 2009. The zero-day vulnerability used in Sandworm is exploited through malicious PowerPoint e-mail attachments, which install an executable for opening backdoors. (ID# 14-70002) See http://www.wired.com/2014/10/russian-sandworm-hack-isight/
"Governments and businesses harvest voices", Channel Eye, 14 October 2014. Biometric-based security systems are made possible with help from companies like AGNITio, based in Madrid. Over 65 million voiceprints have been entered into corporate and government databases by such companies, with UK-based banking titan, Barclays, exploring the technology's capabilities to authenticate affluent clients. (ID# 14-70003) See http://channeleye.co.uk/governments-and-businesses-harvest-voices/
"China takes cyber war to Australia", SC Magazine UK, 14 October 2014. According to security firms FireEye/Mandiant and Context Information Security, Chinese hackers recently unleashed APT attacks on Australian mining and natural resource firms, as well as law firms with access to merger and acquisition details. A suspected state-sponsored attack, activity was observed only during Australian business hours in order to avoid detection. However, activity ceased significantly during Chinese public holidays. See http://www.scmagazineuk.com/china-takes-cyber-war-to-australia/article/377065/
"Two patched zero days targeting Windows Kernel", Threat Post, 15 October 2014. Two vulnerabilities designed to escalate privileges have been patched, says FireEye. The first flaw (CVE-2014-4148) embeds a malicious Windows TrueType Font (TTF) in a Microsoft Office file, which is processed in kernel mode when the file is opened. The second flaw (CVE-2014-4113) involves a remote system attack to access the Windows kernel. The two vulnerabilities were somewhat overshadowed by Sandworm. (ID# 14-70004) See http://threatpost.com/two-patched-zero-days-targeting-windows-kernel/108860
"China is already spying on Apple iCloud users, watchdog claims", The Register UK, 20 October 2014. Man-in-the-middle attacks on SSL connections to iCloud began during Apple's iPhone 6 release in China. Experts say Chinese state hackers intercepted connections to iCloud by using self-signed SSL certificates in place of Apple's. Firefox and Chrome will detect the false certificate, but the popularly used Chinese browser, 360 Secure Browser, will not. (ID# 14-70005) See http://www.theregister.co.uk/2014/10/20/watchdog_warns_chinese_government_is_already_hacking_apples_icloud/
"Most cloud apps flout EU data protection rules -- study", The Register UK, 21 October 2014. In a study by Skyhigh Networks, 72 per cent of cloud services most used by European corporations would be considered noncompliant under the proposed Data Protection Directive. Though not yet approved, the EU Data Protection regulations are sorely needed in many European organizations, as evidenced by lax security requirements in current operation. (ID# 14-70006) See http://www.theregister.co.uk/2014/10/21/skyhigh_data_protection_risks_survey/
"UK tops list of countries most under threat from cyber attack", IT Pro Portal, 20 October 2014. Security firm FireEye has concluded that the UK is most under threat from cyber-attacks, with Germany and Saudi Arabia not far behind. FireEye analyzed Advanced Persistent Threats (APTs) occurring in the first six months of 2014, observing attempts and targets. Findings confirm that Spain, Sweden, and France are the least attacked. (ID# 14-70007) See http://www.itproportal.com/2014/10/20/uk-tops-list-of-countries-most-under-threat-from-cyber-attack/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+itproportal%2Frss+(Latest+ITProPortal+News)
"China refutes new FBI hacking claims", SC Magazine UK, 20 October 2014. Sino-US Internet Working Group activity has halted as relations between the US and China continue to be strained. In May, the US FBI charged five purported members of the Chinese People's Liberation Army (PLA) with hacking crimes against US companies. See http://www.scmagazineuk.com/china-denies-new-fbi-hacking-claims/article/378095/2/
"IAF asks personnel not to use Xiaomi phones", The Times of India, 24 October 2014. Chinese-manufactured Xiaomi Redmi 1s phones are suspected of transferring personal user data to servers in China. According to tests conducted by F-Secure, a security solution company, the Xiaomi Redmi phones were forwarding information such as phone numbers, device identifiers, contact numbers, and text messages back to China. (ID# 14-70008) See http://timesofindia.indiatimes.com/india/IAF-asks-personnel-not-to-use-Xiaomi-phones/articleshow/44926994.cms
"Keyless cars 'increasingly targeted by thieves using computers'", BBC News, 27 October 2014. According to the Society of Motor Manufacturers and Traders (SMMT), organized criminal groups are targeting luxury cars that popularly use keyless entry and ignition. Attackers reprogram remote-entry keys in order to gain access to the car, often by purchasing software available online. (ID# 14-70009) See http://www.bbc.com/news/technology-29786320
"Snapchat: Our servers were not breached in the 'Snappening', blame 3rd Party apps", TechCrunch, 10 October 2014. Some 200,000 photos belonging to Snapchat app users have been leaked. Dubbed "The Snappening", in reference to the recent celebrity nude photo leak, this latest privacy breach has users outraged and seeking explanations from Snapchat. Snapchat has denied a breach on their part. (ID# 14-70017) See http://techcrunch.com/2014/10/10/snapchat-our-servers-were-not-breached-in-the-snappening-blame-3rd-party-apps/
"DEFCON router hacking contest reveals 15 major vulnerabilities", Electronic Frontier Foundation, 7 October 2014. The "SOHOpelessly Broken" DEFCON hacking contest highlights security vulnerabilities in home routers. Results indicated that the discovered vulnerabilities are not limited to any one company, but rather affect nearly all router manufacturers. (ID# 14-70018) See https://www.eff.org/deeplinks/2014/08/def-con-router-hacking-contest-success-fun-learning-and-profit-many
"Signaling post-Snowden era, new iPhone locks out NSA", The New York Times, 26 September 2014. Apple promises encryption-by-default for the new iPhone 6, with each device creating its own individual code independent of Apple's interference - or anyone else's. FBI director, James Comey, criticizes the change as enabling users to operate above the law. Google's Android, which has already provided optional encryption for three years prior to the iPhone 6, will release encryption-by-default for its next version. (ID# 14-70019) See http://www.nytimes.com/2014/09/27/technology/iphone-locks-out-the-nsa-signaling-a-post-snowden-era-.html
"HP accidentally signed malware, will revoke certificate", Ars Technica, 10 October 2014. A digital certificate, used to sign software such as hardware drivers, is being revoked. HP was alerted that its certificate had been used to sign malware, a Windows Trojan that had infected an HP employee's PC. The revocation forces HP to re-issue software packages with a new digital signature. (ID# 14-70020) See http://arstechnica.com/security/2014/10/hp-accidentally-signed-malware-will-revoke-certificate/
"Dairy Queen confirms breach, Backoff malware intrusion at 395 US stores", SC Magazine, 10 October 2014. Systems at one Orange Julius and 395 Dairy Queen locations have been compromised, affecting customer payment information. The company has issued a statement saying no other personal information, such as SSNs or PINs, appears to have been compromised. The malware, Backoff, infects point-of-sale (POS) devices through brute-forcing the log-in feature of remote desktop software. (ID# 14-70021) See http://www.scmagazine.com/backoff-malware-infected-395-dairy-queen-locations-and-one-orange-julius/article/376735/
"Mobile Threat Monday: thousands of fake apps impersonate Facebook, Twitter, and more", PC Magazine Security Watch, 13 October 2014. 15,000 fake social networking apps have been discovered between January and August of 2014, Cheetah Mobile Threat Labs reports. Facebook, WhatsApp, and Twitter make up the three most popular copycats. These malicious clones target the user's personal information, and often times will charge premium SMS fees to the user's phone bill. (ID# 14-70022) See http://securitywatch.pcmag.com/mobile-security/321890-mobile-threat-monday-android-app-steals-text-messages-and-calls
"Android 5.0 (Lollipop) represents a leap forward in security terms", SC Magazine UK, 16 October 2014. Encryption by default is here for Android! The new update gives several bolstered nods to security, including a remote 'kill switch' to render stolen phones useless, Security-Enhanced Linux (SELinux), and a smart lock securing devices by Bluetooth. (ID# 14-70023) See http://www.scmagazineuk.com/android-50-lollipop-represents-a-leap-forward-in-security-terms/article/377586/2/
"Study: Average cost of U.S. cybercrime rises to $12.7 million in 2014", SC Magazine, 08 October 2014. The average cost of a cybercrime incident rose from 11.56 million USD in 2013 to 12.7 million in 2014. Though one might attribute this to a lack of security efforts on the part of businesses, this trend might actually indicate the opposite: as businesses develop better security methods, criminals have to find craftier ways to attack, which then causes businesses to have to spend more money on stopping increasingly sophisticated attacks. (ID: 14-50134) See http://www.scmagazine.com/cost-of-cybercrime-continues-to-increase-this-year/article/376035/
"ATM malware 'Tyupkin' found on over 50 machines in Europe, spreads to U.S.", SC Magazine, 07 October 2014. A strain of ATM malware known as "Tyupkin" has been used to steal millions of dollars from 32-bit Windows-based ATM machines in Eastern Europe, and has also spread to other continents. Tyupkin uses advanced methods to prevent detection, and has evolved to employ more and more evasion techniques since it was first discovered, according to Kaspersky Labs. (ID: 14-50135) See http://www.scmagazine.com/new-tyupkin-malware-has-spread-to-atms-in-the-us-and-other-countries/article/375948/
"Group infects more than 500K systems, targets banking credentials in U.S.", SC Magazine, 07 October 2014. Proofpoint security researchers identified a cybercrime group, which appears to be Russian, that has been using "Qbot" malware to sniff communications and extract banking credentials. The attackers have infected over 500,000 unique systems, with about 75% of the two million unique IPs sniffed being U.S.-based. (ID: 14-50136) See http://www.scmagazine.com/banking-credentials-targeted-by-russian-cybercrime-group/article/375914/
"Bash bug payload downloads KAITEN DDoS malware source code", SC Magazine, 06 October 2014. Researchers at Trend Micro have been monitoring a bash bug payload, TROJ_BASHKAI.SM, that utilized the Bash Bug (a.k.a. Shellshock) to download KAITEN malware onto vulnerable systems. Once a system has been infected, KAITEN can be used to remotely perform DDoS attacks and bring down a targeted organization. (ID: 14-50137) See http://www.scmagazine.com/bash-bug-payload-downloads-kaiten-malware/article/375650/
"Chase breach affects 76 million accounts, raises questions about detection failure", SC Magazine, 03 October 2014. After 76 million JPMorgan Chase customers had their contact information stolen in a breach that lasted months, the financial institution assured that no highly sensitive information was stolen. In accordance with a troubling trend of recent data breaches, user identity was the main vehicle of attack, which can make detection very hard. (ID: 14-50138) See http://www.scmagazine.com/the-chase-breach-lasted-for-two-months-and-impacted-76-million-household-accounts-and-seven-million-business-accounts/articl...
"FDA presents guidelines for medical device security", 02 October 2014. The FDA released a set of guidelines for medical device manufacturers on how to ensure security for medical devices and patient health data. During the design and development of medical devices, techniques such as multi-factor authentication, user privileges, and security compromise identification should be observed by manufacturers. (ID: 14-50139) See http://www.scmagazine.com/the-food-and-drug-administration-offered-guidance-for-securing-medical-devices/article/375127/
"Dairy Queen Dipped with Backoff Malware Breach", Infosecurity Magazine, 10 October 2014. Some time between August and September, Backoff malware was used to steal names, payment card numbers, and payment card expiration dates from around 600,000 Dairy Queen customers. DQ has stated that it believes the malware has been contained, and is offering identity-repair services to customers. Over 1,000 U.S. businesses have been the victim of Backoff, including UPS and Supervalu. (ID: 14-50140) See http://www.infosecurity-magazine.com/news/dairy-queen-dipped-with-backoff/
"JPMorgan Hackers Go After 13 More Financial Institutions", Infosecurity Magazine, 10 October 2014. The same hackers that are responsible for the JPMorgan Chase attack (see ID: 14-50138) are suspected to be behind possible attacks on thirteen other financial institutions. These attacks are part of a growing trend: through persistent, targeted attacks, hackers can gain privileged user credentials. Techniques like network segmentation can reduce the harm done by such attacks, but implementing these solutions is often difficult. (ID: 14-50141) See http://www.infosecurity-magazine.com/news/jpmorgan-hackers-go-after/
"AT&T Hit by Another Insider Breach", Infosecurity Magazine, 10 October 2014. A now ex-AT&T employee accessed sensitive user data, including Customer Proprietary Network Information (CPNI), driver's license numbers, and Social Security numbers without authorization. The telecom giant has sent an apology to customers who were affected. AT&T has been plagued by similar incidents in the past, including an incident in June where a worker was "apparently looking to generate codes that unlock devices." (ID: 14-50142) See http://www.infosecurity-magazine.com/news/att-mobile-warns-about-data-breach/
"Massive Qbot Botnet strikes 500,000 Machines Through WordPress", Infosecurity Magazine, 08 October 2014. Researchers believe that cybercriminals were able to use compromised WordPress accounts to compromise websites, and use those websites to download the "Qbot" dropper and other malware onto victims' computers. This malware is then used to steal banking credentials, of which it is estimated to have stolen hundreds of thousands. (ID: 14-50143) See http://www.infosecurity-magazine.com/news/massive-qbot-strikes-500000-pcs/
"New Mac Malware Uses Reddit to Communicate", Infosecurity Magazine, 03 October 2014. Researchers have identified an instance of malware that uses the popular internet site reddit.com to communicate with a command and control server. Mac.BackDoor.iWorm, as it is known, targets Macintosh computers primarily in English-speaking countries. What iWorm does with the victim's computer is not known as of the date of publication. (ID: 14-50144) See http://www.infosecurity-magazine.com/news/new-mac-malware-uses-reddit-to/
"Kmart hacked, customers' card numbers exposed", Computerworld, 10 October 2014. Sears Holding Corporation announced that malware was found to have infected payment systems at its Kmart retail stores. The malware has been removed, according to Sears, but was able to steal customers' payment card numbers since the beginning of the breach in early September. (ID: 14-50145) See http://www.computerworld.com/article/2824758/kmart-hacked-customers-card-numbers-exposed.html
"Snapchat denies it was hacked", Computerworld, 10 October 2014. Users of internet image-board 4chan obtained photos that were stolen from a massive Snapchat database by hackers, and allegedly plan to make a searchable database of the stolen content. Snapchat denies it was hacked, citing malicious third-party apps as the source of any "stolen" photos. (ID: 14-50146) See http://www.computerworld.com/article/2824626/snapchat-denies-it-was-hacked.html
"Symantec's board votes to split the company in two", Computerworld, 09 October 2014. Prominent IT security company Symantec decided to split into two independent entities, with one being dedicated to security and the other to information management. Top management cited the fact that both fields require "distinct strategies", so splitting the company will allow each half to better focus on its task. The split will take place over the course of the next year. (ID: 14-50147) See http://www.computerworld.com/article/2824180/symantecs-board-votes-to-split-the-company-in-two.html
"Microsoft researchers create a secure haven in the cloud", Computerworld, 09 October 2014. By utilizing two new tools for managing private memory and "sandboxing" applications in a virtual machine, Microsoft has developed a tool for keeping cloud applications secure. Haven, as it is called, protects applications by using "shielded execution": it acts as a barrier between applications and the computer systems that run them. (ID: 14-50148) See http://www.computerworld.com/article/2824364/microsoft-researchers-create-a-secure-haven-in-the-cloud.html
"Forensic software extracts iPhone data - even with iOS 8 encryption", GCN, 08 October 2014. Despite efforts to improve encryption in iOS 8, computer forensics and password recovery firm Passware, Inc. announced that its Passware Kit Forensic tool can acquire "call, messaging and browsing history, photos and videos, contacts and applications" from Apple devices from iCloud, as long as the Apple ID credentials are known. (ID: 14-50149) See http://gcn.com/articles/2014/10/08/passware-ios-forensics.aspx?admgarea=TC_SecCybersSec
"Cyberattacks trigger talk of 'hacking back'", Washington Post, 09 October 2014. The idea of "hacking back" or "active defense" as a means of thwarting cybercriminals has always been generally frowned upon because of its risks and legal implications of retaliation. With large-scale damage caused by cyber attacks becoming increasingly common, however, some are warming up to the idea. (ID: 14-50150) See http://www.washingtonpost.com/business/technology/cyberattacks-trigger-talk-of-hacking-back/2014/10/09/6f0b7a24-4f02-11e4-8c24-487e92bc997b_story.html
"Paper: Great promise for online voting if security, verification challenges met", FierceGovernmentIT, 08 October 2014. The strict nature of voting security, accuracy, and anonymity make implementation of online voting a challenge, but when successful, online voting can cut costs and increase turnouts. Weaknesses in the security of online polling systems have very strong implications, making proper security measures a necessity. (ID: 14-50151) See http://www.fiercegovernmentit.com/story/paper-great-promise-online-voting-if-security-verification-challenges-met/2014-10-08
"Only top legislators informed of White House computer attack", Reuters, 30 October 2014. After a White House computer network was attacked in early October, only a small group of congressional leaders were initially notified because of the unusually sensitive nature of the attack. This group, known as the "Gang of Eight", normally serves the purpose of keeping Congress informed about "covert actions" by the CIA and other agencies. (ID: 14-50152) See http://www.reuters.com/article/2014/10/30/us-usa-whitehouse-cybersecurity-idUSKBN0IJ1YJ20141030
"Cyber breaches put 18.5 million Californians' data at risk in 2013: report", Reuters, 28 October 2014. 18.5 million Californians had their personal records put at risk by cyber breaches in 2013, a number seven times higher than the previous year, according to a report by the state attorney general. A 28 percent increase in data breaches, as well as the exposure of 7.5 million records from only the largest cyber intrusions, are to blame. (ID: 14-50153) See http://www.reuters.com/article/2014/10/29/us-usa-cybercrime-california-idUSKBN0IH27Y20141029
"Russia ruled out as culprit in Chase cyber security breach, U.S. officials say", Reuters, 02 October 2014. The FBI and Secret Service announced that Russia has been ruled out as the culprit for the Chase cyber security breach, citing non-state-sponsored cyber-criminals as the most likely culprits. It was initially feared that the attacks were in response to U.S. economic sanctions on Russia. (ID: 14-50154) See http://www.reuters.com/article/2014/10/21/us-cybersecurity-jpmorgan-idUSKCN0IA01L20141021
"China says it's hard to resume cyber security talks with U.S.", Reuters, 19 October 2014. Top Chinese diplomat Yang Jiechi told Secretary of State John Kerry that resuming cyber cooperation between China and the U.S. will be difficult because of "mistaken U.S. practices". Claims by Edward Snowden about U.S. hacking of Chinese computer systems, accusations by the U.S. of Chinese hacking of American firms, and other events have brought tensions between the U.S. and China to dangerous levels. (ID: 14-50155) See http://www.reuters.com/article/2014/10/19/us-china-usa-cybersecurity-idUSKCN0I80GU20141019
"FBI warns U.S. businesses of cyber attacks, blames Beijing", Reuters, 15 October 2014. The U.S. FBI released a hurried notification to U.S. businesses warning of cyber attacks that are believed to be backed by the Chinese government. The document instructs companies to inform authorities if they believe they are victims of attacks, and provides steps that companies should take to mitigate effects of an attack. (ID: 14-50156) See http://www.reuters.com/article/2014/10/15/usa-cybersecurity-china-idUSL2N0SA31M20141015
"Apple Pay Rival and Walmart-backed MCX Hacked, User Emails Snatched", Forbes, 29 October 2014. Merchant Customer Exchange (MCX), an effort between Rite Aid, Sears and Walmart to create a competing product similar to Apple Pay, notified customers that it was hacked and that customer email addresses had been obtained. The emails were from participants in MCX's CurrentC beta test. The CurrentC app is MCX's main product, which is being designed to allow customers to pay at brick-and-mortar stores with their phones. (ID: 14-50157) See http://www.forbes.com/sites/ryanmac/2014/10/29/apple-pay-rival-and-walmart-backed-mcx-hacked-user-emails-compromised/?ss=Security
"Data Breach Bulletin: Kmart, POODLE, Oregon Employment Department, UC Davis Health System", Forbes, 17 October 2014. A round-up of some of the most recent high-profile data breaches: Kmart, POODLE, UC Davis Health System, Sausalito Yacht Club. (ID: 14-50158) See http://www.forbes.com/sites/katevinton/2014/10/17/data-breach-bulletin-kmart-poodle-oregon-employment-department/?ss=Security
"Accelerating Threats Reset the Goal Lines in Cybersecurity", Security Week, 23 October 2014. The cybersecurity industry finds itself in the reactive role in a continuous game of cat-and-mouse all too often. Paradigm shifts like cloud computing further complicate the issue, so cyber companies will have to rely on "response reinvention" for survival. (ID: 14-50159) See http://www.securityweek.com/accelerating-threats-reset-goal-lines-cybersecurity
"Keep Moving, Stay Alive: Your Cyber Strategy is Either Dynamic or It's (Un)Dead", Security Week, 24 October 2014. Active, agile response to cybersecurity threats is necessary for keeping a business free from the many negative effects of security breaches. With scores of large-scale cyber attacks leaving big businesses reeling in the past few years, many are learning this lesson the hard way. (ID: 14-50160) See http://www.securityweek.com/keep-moving-stay-alive-your-cyber-strategy-either-dynamic-or-its-undead
"Alleged Russian cyber-criminal charged in 40-count indictment", GSN, 16 October 2014. Russian citizen Roman Valerevich Seleznev was charged by a federal grand jury in Seattle with a 40-count indictment. Seleznev was allegedly involved with stealing, collecting, and selling over 2 million credit card numbers by infecting POS systems. (ID: 14-50161) See http://www.gsnmagazine.com/node/42749?c=cyber_security
"The Long and Winding Road to Shellshock Recovery", TechNewsWorld, 29 October 2014. The Shellshock bug was thought to be worse than Heartbleed because it allowed the attacker to take control of a system, not just spy on it. Though hacking activity related to Shellshock seems to have tapered off since the initial disclosure, cybercriminals are probing for vulnerabilities in Bash systems, and it is feared that the upcoming holiday season will see a dramatic increase in attacks. (ID: 14-50162) See http://www.technewsworld.com/story/81277.html
"FBI's Comey Argues Against Encryption: Trust Us", TechNewsWorld, 20 October 2014. In a recent speech, FBI director James Comey reiterated his concerns about built-in encryption in mobile devices. It is feared that built-in encryption will hamper the efforts of law enforcement, shielding criminals from legitimate, lawful searches. (ID: 14-50163) See http://www.technewsworld.com/story/81220.html
"Microsoft Patch Blocks Sandworm Tunnels", TechNewsWorld, 17 October 2014. A cyber-gang, dubbed "Sandworm", was found to be exploiting a vulnerability in Windows operating systems, which allowed them to remotely execute code on victim systems. According to iSight Partners, the firm that discovered Sandworm, the group is backed by the Russian government. Since being tracked in 2013, the group has targeted "NATO, government organizations in the Ukraine and Western Europe, a Polish energy firm, a French telecommunications company, and academic organizations in the United States." (ID: 14-50164) See http://www.technewsworld.com/story/81197.html
"New report details Russia's cyber-espionage activities", Homeland Security News Wire, 30 October 2014. Cyber security firm FireEye released a report that accuses the Russian government of hacking into and performing espionage on computer systems in Eastern European countries. FireEye cites the fact that many malware samples were written during Moscow and St. Petersburg time zone working hours, and on computers that are configured to use the Russian language. (ID: 14-50165) See http://www.homelandsecuritynewswire.com/dr20141030-new-report-details-russia-s-cyberespionage-activities
"New smart key software enhances security for homes businesses", Homeland Security News Wire, 28 October 2014. Traditional mechanical locks and keys suffer from many security shortcomings. Researchers have worked to design eLOQ, a software system that will aid in creating and managing electronic key systems. E-keys allow for "restricting access to specific locks/areas based on date and time; the ability to view an audit trail held in the keys and locks; and the 'blacklisting' of lost or stolen keys without the time and expense of physically replacing locks." (ID: 14-50166) See http://www.homelandsecuritynewswire.com/dr20141028-new-smart-key-software-enhances-security-for-homes-businesses
"China steals confidential data on the vulnerabilities of major U.S. dams", Homeland Security News Wire, 24 October 2014. National Weather Service hydrologist Xiafen Chen was arrested and is being charged with theft of U.S. government property; namely, sensitive files on U.S. dams. It is suspected that the crime was state-sponsored, as a data breach of the same system was traced back to the Chinese government in early 2013. (ID: 14-50167) See http://www.homelandsecuritynewswire.com/dr20141024-china-steals-confidential-data-on-the-vulnerabilities-of-major-u-s-dams
"No Security, No Business", PC Mag, 31 October 2014. A poll by HyTrust indicated that the public has a very low tolerance for security breaches and loses faith quickly in companies that have suffered from breaches. Roughly half of the respondents went as far as describing such companies as "criminally negligent". Slacking on security can save businesses time and resources in the short term, but can cause catastrophic results if a breach occurs. (ID: 14-50168) See http://securitywatch.pcmag.com/security/328372-no-security-no-business
"Crazy Spy Software Makes Computers Spill Secrets Over Radio", PC Mag, 30 October 2014. When it comes to computer systems that control critical infrastructure, maintaining an "air gap" with networks is essential for security. The notorious Stuxnet managed to bridge an air gap, but researchers at Ben Gurion University managed to go one step further: their program can transmit data via FM radio waves by modulating signals going through a humble monitor cable. (ID: 14-50169) See http://securitywatch.pcmag.com/hacking/329044-crazy-spy-software-makes-computers-spill-secrets-over-radio
"NIST spells out information-sharing best practices", FCW, 30 October 2014. Information sharing has become increasingly recognized as an essential part of threat management and prevention for businesses and agencies alike. The NIST released the draft of a document that is intended to guide federal agencies and private organizations in the best ways to implement information sharing practices. (ID: 14-50170) See http://fcw.com/articles/2014/10/30/nist-sharing-best-practices.aspx
"USCIS looks to the cloud for E-Verify", FCW, 27 October 2014. After launching E-Verify, a system for employers to determine if their employees are eligible for work in the U.S., the U.S. Citizenship and Immigration Services is looking to move E-Verify's data processing to the cloud. While improving the capabilities of the system, protection of sensitive information like SSNs will be important in the cloud. (ID: 14-50171) See http://fcw.com/articles/2014/10/27/uscis-looks-to-the-cloud.aspx
"New cyber doctrine shows more offense, transparency", 24 October 2014. The Pentagon recently released an uncharacteristically transparent document detailing policy regarding offensive cyber actions. The document argues that, because of the "growing reliance" on the cyber world and the serious implications that actions in cyberspace can have in the real world, cyber offense "requires carefully controlling OCO [offensive cyber operations]". (ID: 14-50172) See http://fcw.com/articles/2014/10/24/cyber-offense.aspx
"Is open source really a security concern?", FCW, 23 October 2014. Open source code and applications are known to carry the risk of containing malicious code and security flaws, but advocates of open-source development might argue that the strength of open source is its "group approach", which can be more effective than closed source in finding such vulnerabilities. (ID: 14-50173) See http://fcw.com/articles/2014/10/23/open-source-security.aspx
"NIST lays out roadmap for cloud computing", GCN, 27 October 2014. The NIST released the result of a three-year effort to speed up the adoption of cloud computing in government: Cloud Computing Technology Roadmap Volumes I and II. The first volume lists ten requirements for "maintain[ing] innovative cloud adoption across government", while the second is more of a "technical reference for those actively working on strategic and tactical cloud computing initiatives". (ID: 14-50174) See http://gcn.com/articles/2014/10/27/nist-cloud-roadmap.aspx?admgarea=TC_SecCybersSec
"U.S. government probes medical devices for possible cyber flaws", Reuters, 22 October 2014. The DHS is reportedly investigating about two dozen suspected security threats in medical devices. Though there are no known incidents regarding security flaws in the devices to date, the threat is very serious because of the direct role that the devices, which include "implantable heart devices", play in a patient's health. (ID: 14-50175) See http://www.computerworld.com/article/2837413/security0/dhs-investigates-24-potentially-deadly-cyber-flaws-in-medical-devices.html