Click here to close now.


Agile Computing Authors: Elizabeth White, Pat Romanski, Yeshim Deniz, Jayaram Krishnaswamy, Ian Khan

Blog Feed Post

August 6 – Politico: More than 1 billion passwords stolen by Russian hacker gang – Haul highlights password problems

August 6, 2014

By: Joseph Marks

With help from David Perera, Tal Kopan and Shaun Waterman

MORE THAN 1 BILLION PASSWORDS STOLEN BY RUSSIAN HACKER GANG — Last night’s New York Times scoop that a gang of criminal hackers deep in the Russian hinterlands had amassed more than 1 billion usernames and passwords linked to half-a-billion email addresses demonstrates both that the Web is increasingly dangerous for consumers and that Russia remains a safe zone for hacking networks, analysts told MC. “The untouchables of the internet have developed a robust hacker economy of scale in Russia,” Trend Micro Chief Cybersecurity Officer Tom Kellermann said.

When hackers gather information at that massive scale — this is likely the biggest haul in history — the danger isn’t just the data they have but the data they can deduce from it, CrowdStrike General Counsel Steve Chabinsky told MC. Many people ignore security experts’ advice and don’t vary their passwords, which means attackers that know the password to one account can try the same password — or variations on it — to breach other accounts. “The volume of these records allows hackers to do their own form of big data analytics, scouring passwords and using them in attacks not only against these corporate victims but against others as well,” said Chabinsky, who was previously deputy assistant director of the FBI’s cyber division.

The massive trove of data — stolen from hundreds of thousands of websites — was discovered by the Milwaukee firm Hold Security, which dubbed the gang CyberVor (cyber thief in Russian). The findings were verified by an independent security expert working on behalf of the Times. The list of compromised sites “includes many leaders in virtually all industries across the world, as well as a multitude of small or even personal websites,” Hold Security said. The hacking ring does not appear to be connected with the Russian government and does not appear to have sold many of the records, the Times reported. The story: The Hold Security report:

SECURITY FIRM FACES “CASHING IN” QUESTIONS — Demonstrating that no good deed goes unpunished, Hold Security has faced suggestions that they are “cashing in” on their discovery by offering a low-cost ($120 per year) service to webmasters to determine if their site was among the 420,000 breached by the gang. After questions from reporters, the firm appears to have taken down the page offering the service, reports Forbes blogger Kashmir Hill. The story:

HACKER HAUL HIGHLIGHTS PASSWORD PROBLEMS — The massive trove of stolen account credentials highlights the way the ubiquitous password has become one of the weakest links in the online security chain. Every new online account — from the vital like banking to the trivial like pizza delivery — means another different password to remember; or another chance for cybercrooks to steal your favorite one. Easily remembered passwords can generally be easily guessed, even when encrypted — by computers that try thousands of different possibilities a minute. But an Obama administration program exploring ways to make alternatives to the password commercially viable without infringing on privacy is caught in political crossfire on Capitol Hill.

For the third year running, House appropriators voted earlier this year to gut funding for the program, targeting cash for pilot implementation projects. As Dave Perera reports this morning, “the program’s backers say it’s pure politics. The National Strategy for Trusted Identities in Cyberspace, NSTIC, is a relatively tiny line item in the budget of the government’s technology lab. It comes in at just $16.5 million — a rounding error in the $51.2 billion appropriations bill that funds Commerce, Justice and U.S. scientific agencies.” The full story on NSTIC:

HAPPY WEDNESDAY and welcome to Morning Cybersecurity, where today’s anniversary of the atomic bomb dropping on Hiroshima — whatever else you think about it — is a good opportunity to read the Times’ fascinating obituary of Theodore Van Kirk, the last surviving crew member of the Enola Gay, the plane that dropped that bomb 59 years ago. Van Kirk died last Monday at 93. Whatever you’re reading today, drop us a line. Send your thoughts, tips and feedback this week to [email protected] and follow @talkopan, @joseph_marks_, @POLITICOPro and @MorningCybersec. Full team info is below.

INTEL OFFICIALS PREPARE TO GO AFTER SECOND SNOWDEN — Intelligence officials are considering asking the Justice Department to open a criminal investigation into the leak of documents related to the government’s terrorist watchlist to Glenn Greenwald’s The Intercept, Reuters reported late yesterday. The documents were dated August 2013, two months after Edward Snowden bolted the NSA and passed a trove of documents to Greenwald and other journalists. The investigation threat would seem to confirm the intelligence community has a second leaker on its hands, but the community would not confirm that fact to Reuters. The story:

And some background: There have been rumors rumbling since early July that a second intelligence community source was feeding leaks to reports. That’s when German broadcaster ARD published an unsourced story about XKeyscore targeting users who visit anonymizing sites such as Tor. “I do not believe that this came from the Snowden documents … I think there’s a second leaker out there,” security researcher Bruce Schneier wrote at the time ( Greenwald responded by tweeting, “seems clear at this point.” (

But, even if The Intercept’s August 2013 documents are genuinely from a different source, that doesn’t mean a second leaker on the unprecedented scale of Snowden, a senior law enforcement official cautioned MC. “The unfortunate reality is some people leak information or provide information to those not entitled to receive it, but that’s not anything new,” the source said. “It’s certainly something we take seriously, but I don’t think anybody’s at the point where they think there’s another Edward Snowden.” Background from CNN, which broke the second leaker story: and The Intercept report:

IN OTHER SURVEILLANCE NEWS, TOR — The Defense Department did not receive personal data about Tor users through a government-funded project to detect vulnerabilities, a DOD spokeswoman told Reuters yesterday. The project was conducted by researchers at Carnegie-Mellon University’s Software Engineering Institute with funding from DOD. The researchers had planned to describe their work at the Black Hat security conference in Las Vegas this week but the university canceled the talk amid the controversy, Reuters reported. In a note on Tor’s website last week, project leader Roger Dingledine said the service had identified computers on its network that had been quietly altering Tor traffic for five months in an attempt to unmask users connecting to “hidden services,” which include drug bazaars and whistleblower sites. Details from Reuters:

FEDS FAIL EMAIL HYGIENE TEST — Most organizations are not doing enough to prevent their email domains from being forged by hackers and federal agency websites are especially failing — so much so that the government ought to mandate they put their house in order, a new report recommends. Just 4 percent of top federal sites qualified for the nonprofit Online Trust Alliance’s email honor roll, well below the 8.3 percent average for websites generally. Social media sites topped the list with 28 percent qualifying. Major financial institutions were next at 17 percent. To make the honor roll, organizations had to implement best practices for authenticating email that help prevent spearphishing and other malware attacks. Tal has the story

POSSIBLE IRANIAN CONNECTION IN ISRAELI DDOS ATTACKS — Security firm Arbor Networks spotted sharp upticks in DDoS attacks against Israel starting days after the Hamas-attributed deaths of three Israeli teenagers sparked the latest round of fighting. Attacks went from an average of 30 per day in June to an average of 150 per day in July, peaking at 429 attacks on July 21st, the firm said in a blog post. The attack pattern “bears a striking resemblance” to the “Itsoknoproblembro” botnet attacks launched against U.S. financial firms in 2013, Arbor adds. The Qassam Cyber Fighters, an Islamist hacking group with possible official Iranian ties, took responsibility for the financial industry attacks. Arbor says they don’t know who controls the “Brobot” botnet today, but it’s “being used to attack Israeli civilian governmental agencies, military agencies, financial services and Israel’s cc TLD DNS infrastructure.” The blog post:

OPERATION ARACHNAPHOBIA STILL GOING STRONG IN PAKISTAN: A Pakistani APT group has remained active even after it was outed by ThreatConnect’s Intelligence Research Team in August, 2013, launching malware attacks aimed at Indian military and government targets, according to a joint report from ThreatConnect and FireEye released yesterday. Since the first report, the group dubbed Operation Arachnophobia has embedded Bitterbug malware in phony news articles about the arrest of an Indian diplomat and about the disappearance of Malaysia Airlines flight 370 which the “lure” article casts as a Pakistani attack. Details:


– Sixty percent of companies plan to spend their IT funds on improving cybersecurity over the next two years, and 88 percent said IT investments overall will be important or critical, according to a PwC survey of more than 200 private company leaders in the second quarter of this year:


– Former NSA Chief Keith Alexander is defending the profits of his new cybersecurity firm again — this time to the Associated Press. AP:

– Smart building technology could open up a new breed of cyberattacks. TechCrunch:

– Boston University researchers have been awarded a $10 million grant from the National Science Foundation to test a new cloud-based modular cybersecurity system. GCN:

– The Veterans Affairs Department launched a new campaign yesterday to educate veterans about identity theft prevention. VA:

– Blackphone and Signal have different business philosophies but hit the same post-Snowden privacy concerns. Reuters:

That’s all for today. Have a great Wednesday!

Read the full article at:

The post August 6 – Politico: More than 1 billion passwords stolen by Russian hacker gang – Haul highlights password problems appeared first on ThreatConnect - Threat Intelligence.

Read the original blog entry...

More Stories By Adam Vincent

Adam is an internationally renowned information security expert and is currently the CEO and a founder at Cyber Squared Inc. He possesses over a decade of experience in programming, network security, penetration testing, cryptography design & cryptanalysis, identity and access control, and a detailed expertise in information security. The culmination of this knowledge has led to the company’s creation of ThreatConnect™, the first-of-its-kind threat intelligence platform. He currently serves as an advisor to multiple security-focused organizations and has provided consultation to numerous businesses ranging from start-ups to governments, Fortune 500 organizations, and top financial institutions. Adam holds an MS in computer science with graduate certifications in computer security and information assurance from George Washington University. Vincent lives in Arlington, VA with his wife, two children, and dog.

@ThingsExpo Stories
Internet of Things (IoT) will be a hybrid ecosystem of diverse devices and sensors collaborating with operational and enterprise systems to create the next big application. In their session at @ThingsExpo, Bramh Gupta, founder and CEO of, and Fred Yatzeck, principal architect leading product development at, discussed how choosing the right middleware and integration strategy from the get-go will enable IoT solution developers to adapt and grow with the industry, while at the same time reduce Time to Market (TTM) by using plug and play capabilities offered by a robust IoT ...
Today’s connected world is moving from devices towards things, what this means is that by using increasingly low cost sensors embedded in devices we can create many new use cases. These span across use cases in cities, vehicles, home, offices, factories, retail environments, worksites, health, logistics, and health. These use cases rely on ubiquitous connectivity and generate massive amounts of data at scale. These technologies enable new business opportunities, ways to optimize and automate, along with new ways to engage with users.
The buzz continues for cloud, data analytics and the Internet of Things (IoT) and their collective impact across all industries. But a new conversation is emerging - how do companies use industry disruption and technology enablers to lead in markets undergoing change, uncertainty and ambiguity? Organizations of all sizes need to evolve and transform, often under massive pressure, as industry lines blur and merge and traditional business models are assaulted and turned upside down. In this new data-driven world, marketplaces reign supreme while interoperability, APIs and applications deliver un...
The Internet of Things (IoT) is growing rapidly by extending current technologies, products and networks. By 2020, Cisco estimates there will be 50 billion connected devices. Gartner has forecast revenues of over $300 billion, just to IoT suppliers. Now is the time to figure out how you’ll make money – not just create innovative products. With hundreds of new products and companies jumping into the IoT fray every month, there’s no shortage of innovation. Despite this, McKinsey/VisionMobile data shows "less than 10 percent of IoT developers are making enough to support a reasonably sized team....
“In the past year we've seen a lot of stabilization of WebRTC. You can now use it in production with a far greater degree of certainty. A lot of the real developments in the past year have been in things like the data channel, which will enable a whole new type of application," explained Peter Dunkley, Technical Director at Acision, in this interview at @ThingsExpo, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
Through WebRTC, audio and video communications are being embedded more easily than ever into applications, helping carriers, enterprises and independent software vendors deliver greater functionality to their end users. With today’s business world increasingly focused on outcomes, users’ growing calls for ease of use, and businesses craving smarter, tighter integration, what’s the next step in delivering a richer, more immersive experience? That richer, more fully integrated experience comes about through a Communications Platform as a Service which allows for messaging, screen sharing, video...
SYS-CON Events announced today that Dyn, the worldwide leader in Internet Performance, will exhibit at SYS-CON's 17th International Cloud Expo®, which will take place on November 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Dyn is a cloud-based Internet Performance company. Dyn helps companies monitor, control, and optimize online infrastructure for an exceptional end-user experience. Through a world-class network and unrivaled, objective intelligence into Internet conditions, Dyn ensures traffic gets delivered faster, safer, and more reliably than ever.
There are so many tools and techniques for data analytics that even for a data scientist the choices, possible systems, and even the types of data can be daunting. In his session at @ThingsExpo, Chris Harrold, Global CTO for Big Data Solutions for EMC Corporation, will show how to perform a simple, but meaningful analysis of social sentiment data using freely available tools that take only minutes to download and install. Participants will get the download information, scripts, and complete end-to-end walkthrough of the analysis from start to finish. Participants will also be given the pract...
The IoT market is on track to hit $7.1 trillion in 2020. The reality is that only a handful of companies are ready for this massive demand. There are a lot of barriers, paint points, traps, and hidden roadblocks. How can we deal with these issues and challenges? The paradigm has changed. Old-style ad-hoc trial-and-error ways will certainly lead you to the dead end. What is mandatory is an overarching and adaptive approach to effectively handle the rapid changes and exponential growth.
Mobile messaging has been a popular communication channel for more than 20 years. Finnish engineer Matti Makkonen invented the idea for SMS (Short Message Service) in 1984, making his vision a reality on December 3, 1992 by sending the first message ("Happy Christmas") from a PC to a cell phone. Since then, the technology has evolved immensely, from both a technology standpoint, and in our everyday uses for it. Originally used for person-to-person (P2P) communication, i.e., Sally sends a text message to Betty – mobile messaging now offers tremendous value to businesses for customer and empl...
Can call centers hang up the phones for good? Intuitive Solutions did. WebRTC enabled this contact center provider to eliminate antiquated telephony and desktop phone infrastructure with a pure web-based solution, allowing them to expand beyond brick-and-mortar confines to a home-based agent model. It also ensured scalability and better service for customers, including MUY! Companies, one of the country's largest franchise restaurant companies with 232 Pizza Hut locations. This is one example of WebRTC adoption today, but the potential is limitless when powered by IoT.
You have your devices and your data, but what about the rest of your Internet of Things story? Two popular classes of technologies that nicely handle the Big Data analytics for Internet of Things are Apache Hadoop and NoSQL. Hadoop is designed for parallelizing analytical work across many servers and is ideal for the massive data volumes you create with IoT devices. NoSQL databases such as Apache HBase are ideal for storing and retrieving IoT data as “time series data.”
Clearly the way forward is to move to cloud be it bare metal, VMs or containers. One aspect of the current public clouds that is slowing this cloud migration is cloud lock-in. Every cloud vendor is trying to make it very difficult to move out once a customer has chosen their cloud. In his session at 17th Cloud Expo, Naveen Nimmu, CEO of Clouber, Inc., will advocate that making the inter-cloud migration as simple as changing airlines would help the entire industry to quickly adopt the cloud without worrying about any lock-in fears. In fact by having standard APIs for IaaS would help PaaS expl...
SYS-CON Events announced today that ProfitBricks, the provider of painless cloud infrastructure, will exhibit at SYS-CON's 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. ProfitBricks is the IaaS provider that offers a painless cloud experience for all IT users, with no learning curve. ProfitBricks boasts flexible cloud servers and networking, an integrated Data Center Designer tool for visual control over the cloud and the best price/performance value available. ProfitBricks was named one of the coolest Clo...
Organizations already struggle with the simple collection of data resulting from the proliferation of IoT, lacking the right infrastructure to manage it. They can't only rely on the cloud to collect and utilize this data because many applications still require dedicated infrastructure for security, redundancy, performance, etc. In his session at 17th Cloud Expo, Emil Sayegh, CEO of Codero Hosting, will discuss how in order to resolve the inherent issues, companies need to combine dedicated and cloud solutions through hybrid hosting – a sustainable solution for the data required to manage I...
NHK, Japan Broadcasting, will feature the upcoming @ThingsExpo Silicon Valley in a special 'Internet of Things' and smart technology documentary that will be filmed on the expo floor between November 3 to 5, 2015, in Santa Clara. NHK is the sole public TV network in Japan equivalent to the BBC in the UK and the largest in Asia with many award-winning science and technology programs. Japanese TV is producing a documentary about IoT and Smart technology and will be covering @ThingsExpo Silicon Valley. The program, to be aired during the peak viewership season of the year, will have a major impac...
Apps and devices shouldn't stop working when there's limited or no network connectivity. Learn how to bring data stored in a cloud database to the edge of the network (and back again) whenever an Internet connection is available. In his session at 17th Cloud Expo, Bradley Holt, Developer Advocate at IBM Cloud Data Services, will demonstrate techniques for replicating cloud databases with devices in order to build offline-first mobile or Internet of Things (IoT) apps that can provide a better, faster user experience, both offline and online. The focus of this talk will be on IBM Cloudant, Apa...
WebRTC is about the data channel as much as about video and audio conferencing. However, basically all commercial WebRTC applications have been built with a focus on audio and video. The handling of “data” has been limited to text chat and file download – all other data sharing seems to end with screensharing. What is holding back a more intensive use of peer-to-peer data? In her session at @ThingsExpo, Dr Silvia Pfeiffer, WebRTC Applications Team Lead at National ICT Australia, will look at different existing uses of peer-to-peer data sharing and how it can become useful in a live session to...
As a company adopts a DevOps approach to software development, what are key things that both the Dev and Ops side of the business must keep in mind to ensure effective continuous delivery? In his session at DevOps Summit, Mark Hydar, Head of DevOps, Ericsson TV Platforms, will share best practices and provide helpful tips for Ops teams to adopt an open line of communication with the development side of the house to ensure success between the two sides.
SYS-CON Events announced today that IBM Cloud Data Services has been named “Bronze Sponsor” of SYS-CON's 17th Cloud Expo, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. IBM Cloud Data Services offers a portfolio of integrated, best-of-breed cloud data services for developers focused on mobile computing and analytics use cases.