SoS Newsletter- Advanced Book Block

International News

"Only 100 cybercrime brains worldwide says Europol boss", BBC News, 10 October 2014. Head of Europol's Cyber Crime Center, Troels Oerting, advises law enforcement to focus on the relatively small number of true cybercriminals. Of only about 100 cybercriminal kingpins, Oerting says that a large number originate from Russian-speaking countries. (ID# 14-70000) See

"Criminals use Tyupkin Malware to empty ATMs of cash", PC Magazine Security Watch, 12 October 2014. ATMs across Russia, Europe, United States, India, and China have been infected with malware that allows attackers to drain cash from infected machines. Kaspersky Lab researchers report that the Tyupkin malware, which infects ATMs via bootable CDs, was only active in the late hours of Sundays and Mondays, in order to evade detection. (ID# 14-70001) See

"Russian 'Sandworm' hack has been spying on foreign governments for years", Wired, 14 October 2014. A cyberespionage campaign has been dubbed "Sandworm", and is believed to have targeted government, energy and telecommunication companies, and defense entities since 2009. The zero-day vulnerability used in Sandstorm utilizes malicious PowerPoint e-mail attachments, which installs an executable for opening backdoors. (ID# 14-70002) See

"Governments and businesses harvest voices", Channel Eye, 14 October 2014. Biometric-based security systems are made possible with help from companies like AGNITio, based in Madrid. Over 65 million voiceprints have been entered into corporate and government databases by such companies, with UK-based banking titan, Barclays, exploring the technology's capabilities to authenticate affluent clients. (ID# 14-70003) See

"China takes cyber war to Australia", SC Magazine UK, 14 October 2014. According to security firms FireEye/Mandiant and Context Information Security, Chinese hackers recently unleashed APT attacks on Australian mining and natural resource firms, as well as law firms with access to merger and acquisition details. A suspected state-sponsored attack, activity was observed only during Australian business hours in order to avoid detection. However, activity ceased significantly during Chinese public holidays. See

"Two patched zero days targeting Windows Kernel", Threat Post, 15 October 2014. Two vulnerabilities designed to escalate privileges have been patched, says FireEye. The first flaw (CVE-2014-4148) embeds malicious Windows True Type Font (TTF) in a Microsoft Office file, which processes in kernel mode upon opening of the file. The second flaw (CVE-2014-4113) involves a remote system attack to access Windows Kernel. The two vulnerabilities were somewhat overshadowed by Sandworm. (ID# 14-70004) See

"China is already spying on Apple iCloud users, watchdog claims", The Register UK, 20 October 2014. Man-in-the-middle attacks on SSL connections to iCloud began during Apple's iPhone 6 release in China. Experts say Chinese state hackers intercepted connections to iCloud by using self-signed SSL certificates in place of Apple's. Firefox and Chrome will detect the false certificate, but the popularly used Chinese browser, 360 Secure Browser, will not. (ID# 14-70005) See

"Most cloud apps flout EU data protection rules -- study", The Register UK, 21 October 2014. In a study by Skyhigh Networks, 72 per cent of cloud services most used by European corporations would be considered noncompliant under the proposed Data Protection Directive. Though not yet approved, the EU Data Protection regulations are sorely needed in many European organizations, as evidenced by lax security requirements in current operation. (ID# 14-70006) See

"UK tops list of countries most under threat from cyber attack", IT Pro Portal, 20 October 2014. Security firm FireEye has concluded that the UK is most under threat from cyber-attacks, with Germany and Saudi Arabia not far behind. FireEye analyzed Advanced Persistent Threats (APTs) occurring in the first six months of 2014, observing attempts and targets. Findings confirm that Spain, Sweden, and France are the least attacked. (ID# 14-70007) See

"China refutes new FBI hacking claims", SC Magazine UK, 20 October 2014. Sino-US Internet Working Group activity has halted as relations between the US and China continue to be strained. In May, US FBI charged five purported members of the Chinese People's Liberation (PLA) with hacking crimes against US companies. See
"IAF asks personnel not to use Xiaomi phones", The Times of India, 24 October 2014. Chinese-manufactured Xiaomi Redmi 1s phones are suspected of transferring personal user data to servers in China. According to tests conducted by F-secure, a security solution company, the Xiaomi Redmi phones were forwarding information such as phone numbers, device identifiers, contact numbers, and text messages back to China. (ID# 14-70008) See

"Keyless cars 'increasingly targeted by thieves using computers'", BBC News, 27 October 2014. According to the Society of Motor Manufacturers and Traders (SMMT), organized criminal groups are targeting luxury cars that popularly use keyless entry and ignition. Attackers reprogram remote-entry keys in order to gain access to the car, often by purchasing software available online. (ID# 14-70009) See


Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to SoS.Project (at) for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.