SoS Newsletter

US News

"Firm finds link between Regin spy tool and QWERTY keylogger," SC Mag., 27 January 2015. [Online]. Earlier this month, the source code for the so-called "QWERTY" keylogger malware was released as part of recent Snowden leaks and was found to have been used by numerous national intelligence agencies. Researchers found that QWERTY is identical in functionality to a specific module of the "Regin" spy tool and concluded that they were both produced by the same (or at least cooperating) developers. (ID: 14-50193) See:

"CTB-Locker ransomware variant being distributed in spam campaign," SC Mag., 23 January 2015. [Online]. Trend Micro has identified a new strain of the bitcoin ransomware "Critroni," which is unique in its unusually high ransom demand and longer time to pay the ransom: ninety-six hours to pay three bitcoins, or about $700. This version is spread via a spam campaign and is "predominately impacting users in Europe, the Middle East and Africa (EMEA), China, Latin America and India." (ID: 14-50194) See:

"NAFCU asks Congress to create bipartisan data breach working group," SC Mag., 22 January 2015. [Online]. The National Association of Federal Credit Unions (NAFCU) urged the U.S. Congress and Senate in a letter to consider creating a bicameral working group to help find solutions and pass legislation to combat the growing threat and consequences of data breaches. In a divided government, bipartisan cooperation and cooperation between government branches are integral parts of combating cybersecurity issues like data breaches. (ID: 14-50195) See:

"Adobe plugs Flash zero-day, investigates separate exploit reports," SC Mag., 22 January 2015. [Online]. Adobe has released a patch for CVE-2015-0310, a Flash vulnerability that would allow hackers to bypass "memory randomization mitigations on the Windows operating system." Adobe is also investigating the Flash Player vulnerability CVE-2015-0311 and has announced that consumers should expect a patch in the near future. (ID: 14-50196) See:

"Android malware encounters surged in 2014, up by 75 percent, report says," SC Mag., 15 January 2015. [Online]. Mobile security company Lookout found that around 6.4 million Android devices were infected with malware in 2014, an astonishing 75 percent increase from 2013. Mobile devices are often seen as being safer than traditional personal computers, and they generally are -- but the increased functionality and usage in financial and business contexts means that they are becoming high-value targets. (ID: 14-50197) See:

"Skeleton Key Malware Analysis," Dell SecureWorks Counter Threat Unit Threat Intelligence, 12 January 2015. [Online]. The newly discovered "Skeleton Key" malware allows attackers to bypass Active Directory (AD) systems that only employ passwords for authentication. Skeleton Key allows attackers to authenticate themselves as a legitimate user, thereby granting them access to remote access services within a victim network. Two variants were found, the older of which allowed attackers to analyze the victim's patching process. (ID: 14-50198) See:

"Pro-ISIS attackers compromise U.S. Central Command Twitter and YouTube accounts," SC Mag., 12 January 2015. [Online]. The U.S. Central Command (CENTCOM) confirmed that its YouTube and Twitter accounts were hacked. Both accounts were taken offline after attackers, who appear to have been supporters of the Islamic State, used the accounts to post military documents and threatening messages. The military documents, though disguised to look like part of a new breach, were actually part of the public domain. It is suspected that the attackers obtained credentials through some kind of phishing or brute-force attack. (ID: 14-50199) See:

"Cisco Annual Security Report Reveals Widening Gulf between Perception and Reality of Cybersecurity Readiness," Security Mag., 20 January 2015. [Online]. Cyber criminals have been constantly developing techniques of increasing sophistication to evade detection and bypass security measures, which means that security teams need to work together on improving their methods more than ever before. According to a study by Cisco, however, not everybody is on the same page when it comes to perceptions of cyber readiness. (ID: 14-50200) See:

"Obama Calls for Data Breach Notification Law," Security Mag., 12 January 2015. [Online]. U.S. President Barack Obama intends to ask Congress to pass a law that requires companies to report data breaches to victims within thirty days, as well as a second privacy law that would allow consumers to decide what personal data they are willing to give to companies, and how they want that data to be used. Additionally, Obama intends to push for a digital privacy bill that would regulate collection and use of data collected from educational services. (ID: 14-50201) See:

"Snowden reveals that China stole plans for a new F-35 aircraft fighter," Cyber Def. Mag., 22 January 2015. [Online]. According to Snowden leaks, Chinese government hackers were able to obtain plans and technical data -- potentially as much as 50 terabytes worth -- for a new F-35 fighter jet. The F-35, which is being developed by Lockheed Martin at a record-breaking $400 billion, is a joint effort between the U.S., U.K., and Australian governments. (ID: 14-50202) See:

"5800 Gas Station Tank Gauges vulnerable to cyber attacks," Cyber Def. Mag., 26 January 2015. [Online]. Recent research by Rapid7 has found that approximately 5,800 gas stations across the U.S. are vulnerable to remote cyber attacks. The affected gas stations all use Automated Tank Gauges (ATGs) that have no password protection; these devices are used to prevent overfilling of underground storage tanks. Compromised ATGs could potentially produce false alarms and shut down a station. (ID: 14-50203) See:

"USA and UK announce joint cyber 'war games' to improve cyber defenses," Cyber Def. Mag., 20 January 2015. [Online]. The U.S. and U.K. have agreed to participate in mutual cyber "war games" in which teams from each nation would "attack" each other to bring to light security flaws in each other's systems. The exercises are intended to prepare both nations for real-life state-sponsored attacks. British Prime Minister David Cameron stressed the importance of cyber security readiness in his announcement of the war games, noting that cyberattacks "can have real consequences to people's prosperity". (ID: 14-50204) See:

"Project Zero team has disclosed a new unpatched Windows 8 flaw," Cyber Def. Mag., 15 January 2015. [Online]. Google's Project Zero hacking team has disclosed a newly found Windows 8.1 and Windows 7 "Privilege Escalation" vulnerability, and has demonstrated it in a simulated Proof of Concept (PoC) attack. There has been disagreement between Google and Microsoft about the disclosure policy; Microsoft had asked Google to delay the disclosure of the bug, with the intention to fix it by February 2015. Google refused, and disclosed it within the normal 90-day timeline. (ID: 14-50205) See:

"Malaysia Airlines Site Back Up as Hackers Threaten Data Dump," Infosecurity Mag., 27 January 2015. [Online]. Hacking group "Lizard Squad" has claimed responsibility for an attack on Malaysia Airlines' website and has threatened on social media to release stolen data, though the airline claims that no sensitive data was stolen. Visitors to the website were directed to a page apparently owned by Lizard Squad, though the issue has since been resolved. (ID: 14-50206) See:

"China Blamed for MITM Attack on Outlook," Infosecurity Mag., 19 January 2015. [Online]. An anti-censorship rights group is pointing fingers at China's Cyberspace Administration after an attack on Microsoft Outlook users. The daylong MITM attack, which utilized a self-signed certificate, is suspected by some to be an attempt by China to test its MITM capabilities, which are used to bypass HTTPS and intercept communications. (ID: 14-50209) See:

"Windows 10: Secure enough for government?" GCN, 23 January 2015. [Online]. Windows 10 will feature new and improved security features, including technologies such as multifactor authentication, data-loss prevention, and other low-level hardware and kernel measures. Newer security features could be very attractive for government and business, which are facing an increasing number of cyber threats. (ID: 14-50210) See:

"Critical Java updates fix 19 vulnerabilities, disable SSL 3.0," ComputerWorld, 21 January 2015. [Online]. A new Java security update patches 19 vulnerabilities and removes support for Secure Sockets Layer (SSL) 3.0, which is outdated and vulnerable. A significant portion of the 19 vulnerabilities scored high on the severity scale, with six scoring 9.3 or above out of 10. Additionally, this will be the last security update for Java 7 (without a long term contract); users will need to migrate to Java 8 to receive automatic updates in the future. (ID: 14-50211) See:

"Fed data at risk in attacks on university computers," FCW, 27 January 2015. [Online]. University computer networks, which contain large volumes of both devices and data, are a lucrative target for cyber criminals, according to a memo by the Department of Homeland Security (DHS). Last spring, for instance, attackers were able to utilize a supercomputer at a U.S. university to perform DDoS attacks on several businesses that provide server services for gaming. (ID: 14-50212) See:

"Ending the tyranny of passwords," FCW, 16 January 2015. [Online]. The FIDO (Fast IDentity Online) Alliance, a collaborative effort between 150 members including Google and Samsung, has been striving towards creating stronger two-factor authentication systems while phasing out passwords as a method of authentication. The group has been working to create specifications for newer methods like biometrics and hardware tokens, technologies that could prove to be much more secure than passwords without compromising convenience. (ID: 14-50213) See:

"How can we protect our information in the era of cloud computing?" University of Cambridge Research, 26 January 2015. [Online]. Researcher Jon Crowcroft argues that cloud storage puts data at an increased risk; rather, information should be stored in a diverse range of P2P systems. Spreading data out, according to Crowcroft, would not just hamper efforts to obtain that information illegitimately, but would make it easier to access as well. The centralized nature of cloud solutions, on the other hand, can make data easier to steal. (ID: 14-50214) See:

"NIST Revises Crypto Standards Guide," Gov Info Security, 23 January 2015. [Online]. The National Institute of Standards and Technology (NIST) has just released its NIST Cryptographic Standards and Guidelines, a document which details NIST's new cryptographic standard development process. Notably, the document stresses transparency and details the interactions between NIST and the NSA, a relationship which has sparked considerable negative publicity since the first draft was issued nearly a year ago. (ID: 14-50215) See:

"New technology proves effective in thwarting cyberattacks on drones," Homeland Security News Wire, 27 January 2015. [Online]. Researchers with the University of Virginia and Georgia Institute of Technology have successfully tested methods developed by the multi-university Systems Engineering Research Center to keep unmanned aerial vehicles safe from cyber attack. Drones, as they are often referred to, are used to collect sensitive data and even perform missile strikes, which makes security a necessity. (ID: 14-50216) See:

"Universities adding cybersecurity programs to their curricula to meet growing demand," Homeland Security News Wire, 14 January 2015. [Online]. The increasing prevalence and gravity of cyber attacks has led to a high demand for well-trained cybersecurity workers, which has in turn increased the demand for cybersecurity education. Many universities are bulking up their cybersecurity programs, and students are taking advantage of the value that cybersecurity education can give them in the job market. (ID: 14-50217) See:

"It Took Me Two Clicks To Trace Ross Ulbricht To The Silk Road," Forbes, 16 January 2015. [Online]. Computer security researcher Nicholas Weaver details how he was able to connect Ross Ulbricht to the deep-web marketplace "Silk Road" by tracing bitcoin transactions. According to Weaver, 3,255 bitcoins (about $300,000 USD) were transferred from the Silk Road to Ulbricht. Ulbricht is currently being charged as the alleged founder of the anonymous market. (ID: 14-50218) See:

"Linux makers release patch to thwart new 'Ghost' cyber threat," Reuters, Edition: U.S., 27 January 2015. [Online]. Linux distribution developers, including Red Hat Inc., have released a patch to fix "Ghost," a vulnerability which could purportedly allow hackers to remotely control vulnerable systems. Researchers found that they could compromise servers with a malicious email, without that email even being opened. Fortunately, there have not been any reports of the vulnerability being used "in the wild." As with Heartbleed and Shellshock, the vulnerability was discovered in open-source software, in this case the Linux GNU C Library. (ID: 14-50219) See:



Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to SoS.Project (at) for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.