skip navigation

More signal. Less noise.

Daily briefing.

The PlugX remote access Trojan, a Chinese espionage tool, has found its way into criminal hands and is being used for embezzlement. US authorities have fingered Iran's government as the controlling force behind the Izz ad-Din al-Qassam Cyber Fighters' campaign against Western banks, but the Cyber Fighters deny it—they're purely Islamic hacktivists.

Samsung printers are found to contain a hardcoded backdoor. A new Java zero-day exploit is for sale on the black market. Symantec releases more on the Narilam database annihilation malware. Popular (and free) web server analytics system Piwik has been trojanized to create a backdoor in users' systems.

Stuxnet may have resurfaced in French industrial gas company Air Liquide. Speculation continues about alleged US cyber operations against France.

A fired University of Arkansas medical resident apparently retaliates by releasing patient records. GoDaddy attributes recent DNS record hijacking to phishing. A decommissioned International Atomic Energy Commission server was hacked, revealing agency emails.

Last week the Nassau County Police had opsec issues; this week it's Belgium's intelligence services: officers are "oversharing" on social media.

Google repairs a high-risk Chrome flaw, and Skype says it has a handle on scam calls. CSO disputes a study released this week that concluded antivirus software was a waste of money.

Southhampton hopes to become England's Tulsa. US companies engaged in international trade should take due diligence seriously in their risk management. China prepares to crack down on VPNs (and in the US the ACLU thinks VPN users expose themselves to warrantless NSA monitoring).

Notes.

Today's issue includes events affecting Algeria, Australia, Belgium, Canada, China, European Union, France, Germany, Iran, Republic of Korea, Romania, Russia, Saudi Arabia, United Kingdom, United Nations, United States..

Cyber Attacks, Threats, and Vulnerabilities

Chinese Cyberespionage Tool Updated For Traditional Cybercrime (Dark Reading) PlugX remote access Trojan (RAT) spotted being used to pilfer money out of enterprises. In yet another example of the inevitable intersection between cyberespionage and cybercrime, an infamous cyberspying tool out of China has been upgraded and used in targeted attacks for financial gain, not pure cyberespionage

Bank Hackers Deny They're Agents of Iran (Wired Danger Room) American officials are blaming Iran for recent attacks on the servers of western banks. But the hackers taking credit for the sophisticated distributed denial-of-service strikes say they pulled off the bank jobs without any government help

Samsung printers contain hardcoded backdoor account, US-CERT warns (CSO) Hardcoded administrative account in Samsung printers poses security risks

Java Zero-Day Exploit on Sale for 'Five Digits' (Krebs on Security) The price of any exploit is ultimately whatever the market will bear, but this is roughly in line with the last Java zero-day exploit that was being traded and sold on the underground. In August, I wrote about a newly discovered Java exploit being

Latest Java zero-day exploit renews calls to disable it (CSO) A zero-day Java exploit found for sale in the criminal underground has renewed calls to disable the cross-platform runtime environment in Web browsers. The latest exploit of a vulnerability not yet publicly known was

Symantec finds malware designed to corrupt databases (Fierce CIO: TechWatch) Security vendor Symantec has published information about a malware called W32.Narilam that is designed to meddle with SQL databases via OLEDB. The worm apparently targets SQL databases with three distinct names, and will replace certain items in the database with random values or even delete rows

Piwik.org compromised, offered Trojanized version of analytics software (Help Net Security) The official website of popular free web server analytics system Piwik has been compromised and made to serve a Trojanized version of the software that opens a backdoor on the systems

SCADA software bugs leave national critical infrastructure vulnerable (Help Net Security) This week, 23 vulnerabilities in industrial control software – specifically SCADA software – from several vendors have reportedly been found by a researcher at security firm Exodus Intelligence

Researchers finds 23 vulnerabilities in SCADA software (Help Net Security) The recent revelation that Malta-based start-up ReVuln is offering only to paying customers information about SCADA zero-day vulnerabilities has spurred security researcher Aaron Portnoy into trying

French Company Air Liquide Hijacked by Stuxnet (obsession) French giant industrial gases was famous victim of virus created to target the Iranian nuclear program

US Cyber-War Against France? (Midsize Insider) As Don Reisinger reports at CNET, the French news magazine L'Express has claimed that the US launched a cyber-attack against France last May. According to the magazine, the strike, shortly before the French national election, targeted the re-election

Romanian Google, Yahoo Home Pages Defaced (Threatpost) The home pages of Google, Yahoo and some other high-value sites in Romania were defaced on Wednesday, possibly through a DNS poisoning attack, and visitors were redirected to a page on which an attacker who says he's from Algeria claimed responsibility for the hack. Researchers said that while a DNS attack is the most likely scenario, it's not clear where the attack took place

Site Found Delivering Angry Birds Star Wars With Costly SMS Sender Functionality (Threatpost) Fake and malicious Android apps have become an industry unto themselves in the last couple of years, as attackers have sought to capitalize on the massive market share that the mobile OS enjoys worldwide. It's a safe bet that any popular new app will attract a malicious copycat version, and researchers have found that the latest app on this list is Angry Birds Star Wars

UAMS Alerts Patients to Data Breach Linked to Fired Resident (Threatpost) The University of Arkansas for Medical Sciences is letting some 1,500 patients know their information was kept without permission by a resident physician after she was terminated. The health care facility plans to mail impacted patients who had surgery or were seen by a neurosurgeon from January to June 2010. Some patient data included name, address, date of birth, medical record number and date of service. Others also included more sensitive information such as diagnoses, medications, surgical and other procedure names, and lab results

Serious BT security flaw revealed (IT Proportal) BT has been slammed for porous security on its website, after it was discovered that anyone armed with a phone number and a UK postcode could add services to any account held with the landline service provider. The security flaw, spotted by The Register, means it's easy to add additional phone packages to a user's account, as information like phone numbers and postcodes can be found through directory enquiries. The publication even managed to add BT Vision TV service

UN nuclear agency server hacked (NZ Herald) The International Atomic Energy Agency has acknowledged that one of its servers has been hacked. The UN nuclear watchdog commented Tuesday after a previously unknown group critical of Israel's undeclared nuclear weapons program posted contact information for more than 100 experts working for the IAEA. A group called "Parastoo" Farsi for a swallow bird and a common Iranian girl's name claimed responsibility for posting the names on its website two days ago

Fake Facebook alert leads to Blackhole, malware (Help Net Security) Due to the huge popularity of Facebook and its one billion active users, bogus emails impersonating the social network are constantly hitting users' inboxes. The latest of these is a notification

Go Daddy says DNS records hijacking was due to phishing (Help Net Security) Last week malware peddlers have managed to compromise the DNS records of Go Daddy hosted websites so that they would redirect victims to malicious sites hosting the Cool exploit kit and ultimately

Zero-day hotel keycard hack goes unfixed, now being used by Texas thieves (ExtremeTech) The hair is standing up on the back of my neck. Back in July, a Mozilla software developer showed off his ability to hack the keycard locks used in over four million hotel rooms with only about $50 worth of hardware. That is terrifying in and of itself

Spy agency employees caught oversharing on LinkedIn and Facebook (Naked Security) The Belgian press is up in arms after members of the country's state security agency were found promoting themselves and their professional affiliation on social networks. Turns out: it's not that unusual

Security Patches, Mitigations, and Software Updates

Windows Phone 8 Random Reboot Fix Coming Over-The-Air Next Month, Says Microsoft (TechCrunch) Microsoft will issue an update for Windows Phone 8 next month, to fix a random rebooting problem that can affect the OS, flagged up on user forums. "We're continuing to investigate some reports of phones rebooting and have identified a cause with our partners. We are working to get an over-the-air update out in December," it said

Google Repairs High-Risk Flaw in Chrome (Threatpost) Google has fixed a couple of security vulnerabilities in its Chrome browser, including a high-risk use-after-free bug and a problem in the way that the Apple OS X driver for some Intel GPUs handles rendering

Skype says scam calls on a steady decline (CSO) Skype has been battling wily adversaries who are abusing the Internet calling application to direct people to scam websites, but the Microsoft-owned service says the sham calls are decreasing. The automated calls feature a computer-generated voice that tells the victim to visit a specific website, which often is selling bogus security software. The scam websites have usually been live on the Internet just a few hours, Adrian Asher, Skype's chief security officer, said in a phone interview Monday

Cyber Trends

7 Risk Management Priorities For 2013 (Dark Reading) CISOs seek more discipline in measuring and mitigating risk in the coming year. As CISOs and risk management pros gear up for a new year, they'll be tasked with sheltering their organizations from a highly dynamic threat environment through a renewed sense of discipline as regulators, executives, and shareholders increasingly turn the microscope on their IT security practices. In order to improve and coalesce security practices, it'll take work to line them up with maturing risk management philosophies and measurable. According to risk management experts, consultants, and practitioners, enterprises are likely to turn to the following risk management priorities in 2013 to achieve their security objectives

Growing cyber threat pushes financial companies to spend $17bn on security: report (CBR Online) Spending will be mainly on counter measures, transaction and data security, as well as on policies and procedures. With the growing threat from cyber attacks, financial institutions will ramp up investment in critical security infrastructure in coming years, with worldwide spending predicted to reach $17. 14bn by the end of 2017, according to a report by ABI Research.

Five key business-tech trends in 2013 for enterprises (Help Net Security) The new year will see greater adoption of advanced technology to meet changing demands of enterprises while increasing productivity and creating new experiences for customers, according to Verizon

Better off without AV? Not yet (CSO) AV vendors will surely dislike the results of a survey that declares their products useless. The truth, however, is that most of us still need what they sell

Right-sizing security and information assurance, a core-versus-context journey (ZDNet) So we wanted to transform our program into an information-assurance program, so that we could allow our clinicians and other caregivers to have the highest level of assurance that the information they're making decisions based on is accurate and is

Black Friday: An early present for data analysts (Fierce Big Data) Depending on one's perspective, last week's Black Friday, the official beginning of the holiday shopping season, is seen as either a disgusting display of consumerism or a welcome bucket of water for a starving retail sector. But now a new group has its own view of the now national American event: data analysts. To them Black Friday is like an early present

Big data still scaring security experts (Fierce Big Data) The apocalypse is just sitting out there waiting to happen and like a comet in the Oort cloud, it is hiding in a sea of big data says Yaki Faitelson, CEO and co-founder of Varonis. It is the job of security experts to worry about such things. Some would say it is their job to create the worry about such things, but few are doubting the potential dangers to security and privacy from all the data sitting in databases around the world with various levels of security

It's just another Cyber Monday (CSO) Take care when doing your online Christmas shopping today and beyond. But don't buy into the security FUD, either. Every Monday after Thanksgiving I fire up the laptop and watch my inbox load up with security vendor warnings about Cyber Monday. The story pitches use a lot of over-the-top (or painfully obvious) images and warnings about the cyber Grinch hiding inside your computer, waiting to snatch up your credit card numbers with the zeal he displayed when stealing all the Christmas trees and roast beast in WhoVille

Marketplace

CGI to Provide Navy Biometrics System for Recruiting (ExecutiveBiz) CGI Federal has won a potential five-year, $65 million contract to help the U.S. Navy Recruiting Command update the branch's recruiting and accessions system, the company announced Tuesday

GTSI to Continue IRS Tech, Program Support (Govconwire) A subsidiary of GTSI Corp. has won $90 million in task orders to provide technology and program support services to the Internal Revenue Service, the company announced Tuesday. In SysCo won the five orders under the Total Information Processing Support Services contract, known as TIPSS-4

SRA Wins $92M to Support Medicare, Medicaid Accounting (Govconwire) SRA International Inc. has won a contract to support the Centers for Medicare and Medicaid Services' health care integrated general ledger accounting system (HIGLAS)

GDIT Wins $100M to Help Standup New Military Hospitals, Clinics (Govconwire) General Dynamics' (NYSE: GD) information technology business unit has won task orders worth up to $100 million to help the U.S. Army Corps of Engineers install IT equipment at new military hospitals and clinics

Accenture Wins $250M to Develop Identity Mgmt System for TSA (Govconwire) Accenture Federal Services has won a $250 million contract from the U.S. Transportation Security Administration to create identity management and credentialing system processes for individuals working at sensitive and secure areas in the U.S. transportation system. According to a company statement, the contract has a five-year term, during which Accenture will work with TSA

Raytheon Wins $600M to Provide Saudi Arabia with C4I Capabilities (Govconwire) The Kingdom of Saudi Arabia has awarded Raytheon (NYSE:RTN) with a $600 million contract to deliver a Command, Control, Communications, Computers and Intelligence (C4I) system. According to a company statement, the Saudi Ministry of Defense will facilitate the contract for a "national, strategic C4I system, providing capabilities for joint service coordination

Adventist Health System Expands Threat Identification Capabilities (NASDAQ) KEYW provides agile cyber superiority, cyber-security, and geospatial intelligence solutions for intelligence, defense, and commercial customers

Report: Software AG Has $1.3B for Potential Big Data, Cloud Acquisition (Govconwire) German business software maker Software AG has the financial flexibility to make any acquisition worth up to $1.3 billion, finance director Arnd Zinnhardt said in a German weekly Saturday. Reuters reports Zinnhardt said the company is well positioned in terms of its operating activities and balance sheet. He added that the company is on the

Google, Facebook - and now Twitter - go to Washington (IT World) Tech companies spend millions each year to lobbying for (and against) issues that can affect their business; how much do they spend and what issues do they spend it on

Russia's big telecom IPO also happens to be a company that leaked 8,000 text messages online (Quartz) The largest initial public offering by a Russian company since 2010 won't involve an oil and gas conglomerate, a new internet property or a gadget maker. Rather, the hype surrounding the IPO of Russia's MegaFon signals the world's telecommunication companies are increasingly becoming global players. With their power and reach, though, come new responsibilities to users far beyond corporate headquarters

SRA Promotes Deb Alderson to COO, Tim Atkin to Chief Admin Officer (Govconwire) SRA International has promoted Deborah "Deb" Alderson to executive vice president and chief operating officer and Timothy "Tim" Atkin to chief administrative officer and chief of staff, effective immediately. The company said Alderson, who joined the company last year as EVP for strategic development, will be responsible for SRA's civil government; defense; health; and intelligence, law enforcement

Products, Services, and Solutions

Foreground Security Offers Customers A Virtual Security Operations Center (V-SOC) (Dark Reading) Solutions designed to assist government and commercial organizations anticipate, detect and respond to advanced threats and vulnerabilities

Goodbye pseudonyms! Android app store reviews will now show your Google+ name and picture (Naked Security) No more pseudonymous reviews on Google Play - from now on, any feedback you leave on Android apps will be accompanied by your name and photograph

Xen Cloud Platform 1.6 released (Help Net Security) Xen Cloud Platform is a virtualization platform for companies to create and manage virtual infrastructures for servers, desktops and clouds. XCP 1.6 strengthens its server virtualization feature

Dell updates cloud software for iPad and Windows RT (Help Net Security) Dell announced enhancements to its PocketCloud app portfolio, which enables users to easily create a "personal cloud" to search, view, organize, and share content among mobile devices and computers

Palantir's terrorist-tracking technology used for Hurricane Sandy (The Verge) Palantir — aptly named after the seeing stones in Lord of the Rings — gained…but providing US intelligence with software to track ally troops and

Privacy groups ask Facebook to back off privacy changes (CSO) Facebook wants to remove the ability for users to vote on modifications to data usage and privacy policies

Vendors join fight to secure privileged access (CSO) Experts say building-in security is better for future critical infrastructure systems, but Cyber-Ark's Privileged Identity Management Suite is welcome now

Trend Micro issues cloud, mobile security assessment tools (TechTarget) The Cloud Security Alliance, a non-profit industry consortium has produced dozens of documents outlining ways to protect data in the cloud and assess cloud providers to gauge their their security postures. The organization issued a report on data

SANS Launches NetWars CyberCity to Train Cyber Warriors for Defense (Sacramento Bee) "When you lose control of cyberspace, you lose control of the physical world," said Eric Bassel, director at the SANS Institute. "The threat of kinetic effect is real. We have seen detailed evidence of foreign nations deep inside the computer networks

Red Hat Unwraps OpenShift Enterprise At Amazon Event (InformationWeek) Red Hat broadens its open source cloud development platform, which increasingly competes with VMware's Spring and Cloud Foundry

Windows 8 Fizzling, Time For Windows Classic? (InformationWeek) If Windows 8 sales don't improve soon, Microsoft might have to pull a Coke and cut its losses on its radically reengineered OS

8 Cloud Tools For Road Warriors (InformationWeek) Cloud services have become indispensable for doing business on the move. Check out these valuable tools

Is Android too hard for the average user to figure out? (ZDNet) If Android is crushing the competition and dominating the mobile market, then why did iOS devices wipe the floor with Android when it came to Thanksgiving and Black Friday online shopping? Yesterday, Asymco analyst Horace Dediu posted some charts based on data gathered by IBM's Digital Analytics Benchmark for U.S. Thanksgiving and Black Friday sales. However, there's one chart that stands out above the rest, and it's this one that shows the data broken down into individual platforms

Nowhere to hide for Google users as Play is given Plus treatment (Register) Google is continuing its efforts to make anonymous posts on its services a thing of the past by forcing customers wishing to leave product reviews on its recently overhauled Android Marketplace online shop - now dubbed Play - to do so with their real name

Apple: iMac arrives November 30 (SlashGear) Apple's new iMac will go on sale on Friday, November 30, the company has confirmed, with the 21.5-inch all-in-one computer available in-store the same day, while the 27-inch iMac will follow on in December

How Facebook policy changes affect you (Fox News) Recently, a bogus "Copyright Protection Declaration" has been making the rounds on Facebook. On the site's Governance page alone, thousands of users have cut-and-pasted the declaration that claims they own their photos and other content on Facebook

Licensing loophole allows pirates to activate Windows 8 Pro (Fierce CIO: TechWatch) An inadvertent side-effect of the free Windows Media Center update being offered is that it appears to open Windows 8 Pro to piracy. The trick involves temporarily activating a copy of Windows 8 Pro using its Key Management Feature

Technologies, Techniques, and Standards

How to set up a safe and secure Web server (Ars Technica) Learn a lot by doing it yourself instead of going with a hosting company

Can users' phish emails be a security admin's catch of the day? (Internet Storm Center) Blocking phishing emails is part and parcel of now commonplace technology controls, supplied by a wide range of vendors and, depending on your viewpoint (or how many angry user phone calls received daily), they do a great, resonable or bad job of blocking this type of unsolicited email. Despite the technologies deployed, ultimately the human factor is at play [1]. If someone in your company is going to click a link, open an attachment or click on a link to download a password protected file, then go to another site to get the password to open the file and have to install an old version of Java to see the Christmas Chickens dancing Gangnan style, then our reliance on user awareness training and constant reminders is the final safety net

Honeypots Create Sticky Trap for Cybercriminals (point2security) Fighting cybercrime on a national and international level presents huge challenges. However, honeypots may provide Computer Emergency Response Teams (CERTs) with a way of detecting threats earlier, according to a study by the European Network and Information Security Agency (ENISA). Honeypots, simply defined, are any system program, service, system, or data that has no purpose in the system

Stopping rogue traders in their tracks (Fierce Big Data) UBS trader Kweku Adoboli cost his employer $2.3 billion in losses and $47.5 million in fines with his fraudulent trading. He will pay for it with seven years in prison according to the sentence he received last week. But firms are hoping big data can stop such fraud before it does damage, according to the Securities Technology Monitor. Companies like Cataphora, which models individual and organizational behavior, thinks they can stop it. Cataphora is using big data to model employee behavior. It can show a contextual relationship between data--email, spreadsheets, instant messages, phone calls, voice mail, tweets, Facebook (NASDAQ: FB) status updates, expense reports, etc.--and build a digital character for each employee that is mapped against a model of the organization's normal behavior. And then, detect deviations

Design and Innovation

Economic Impact Of Startup Accelerators: $1.6B+ Raised, 4,800+ Jobs Created, 2,000 Startups Funded (TechCrunch) Today, there seem to be more business accelerators than there are startups to fill their classes and cohorts. It seems that not a week goes by without the launch of another accelerator or seed starter fund. In fact, as Peter Relan said in a recent post (riffing on Chris Dixon), accelerators have become an industry segment in their own right. He also goes so far as to surmise that — just as it is

Marc Andreessen Champions Innovation Through Trial and Error, And Error, And Pets.com (TechCrunch) This evening at Andreessen Horowitz's offices in Menlo Park, founding partner Marc Andreessen sat down with William Janeway, recent author, to discuss "Capitalism in the Innovation Economy." Janeway is a well-known investor, and theorist in the investment and software world. It's a very small event, but the conversation is lively. It's Q&A style, and Andreessen is firing off questions

Research and Development

European Commission supports research on Cyber security (SecurityAffairs) Cyber security is considered a primary target for every governments, the increase of cyber criminal activities, state-sponsored operations and the raise of hacktivism requires the use of additional resources to counteract these phenomena. The European Commission has announced an increase to planned cyber security budget by 14% through 2020, a figure considered not sufficient by security experts to face with increasing cyber threats. The commission has allocated 350 million for cyber security research in the period 2007-2013 and established a further investment of 50 million to finance the activities until 2020

Academia

Fraud 101 for universities (Help Net Security) Colleges and universities are becoming more aware of the fraud threats they face, but there is still a lot of room for educating the educators," says James Gifas, head of Treasury Solutions at RBS

Naval Postgraduate School flaunts Navy rules, investigation finds (Monterey County Herald) A Navy investigation of the Naval Postgraduate School has found evidence school officials have consistently chosen not to adhere to federal and Navy rules, regulations and policies, and actively sought to avoid changing their practices

Kids get cyber smart in Doncaster (Manningham Leader) His concerns prompted him to invite a speaker from Trend Micro's Cyber Safety Squad to address children to share ways to keep safe. Trend Micro cyber safety expert Aman Chand said the accessibility children had to connected devices increased their

Southampton University opens cybersecurity research centre (CSO) Latest institution to access GCHQ funding. The University of Southampton has become the latest institution to formally launch its cybersecurity research centre as part of the Academic Centre of Excellence in Cyber Security Research (ACE-CSR) funding coordinated by GCHQ

Legislation, Policy, and Regulation

EU data proposal would likely lead to search engine filtering, says ENISA (Fierce Government IT) If the European Parliament approves a right to be forgotten as part of a data protection proposal unveiled earlier this year, it's very possible the result will be large-scale search engine filtering, says the European Network and Information Security Agency. In a paper released Nov. 20, the agency says technical means alone don't exist that would permit individuals to control the distribution of information about them on the open Internet

Google's 'Defend Your Net' Campaign Implies That All Of The Internet Is 'Fair Use' (TechCrunch) Does the Internet exist to inspire and inform society and therefore limits copyright holders ability to block information? Hidden between the lines of Google's otherwise predictable "Defend Your Net" campaign in Germany, where the legislature may allow publishers to charge for snippets of content on Google search results, is a very intriguing argument: information on the Internet is a public good

Google fights back against German 'link tax' proposal (IT Proportal) Google is fighting back against a proposed German law that could end easy web access for the search giant. What began in August as a simple update to Germany's Federal Copyright law has become an international kerfuffle, pushing Google to reach out to its users for help. A recent petition invites people to "defend your network" from the proposal that would force search engines to pay copyright fees every time a newspaper article link appears on services like Google News

VPN ban makes for nervy times behind Great Firewall (The Register) Multinationals and foreign web users based in China to get jittery on Wednesday after pictures began circling the internet which suggested a new clamp down on the use of virtual private networks (VPNs). While VPNs in the Western world are more commonly used to enhance security, for netizens-in-the-know living in the Peoples Republic they represent an essential tool for bypassing the Great Firewall, which blocks many foreign sites and services including Twitter, Facebook and, periodically, Gmail. As such, they can also be important for the continuing productivity of foreign firms operating inside China, ensuring unfettered access for employees to the world wide web, although just how important will depend on the type of company

Tories face international pressure to pass cybercrime provisions, documents show (Montreal Gazette) The Harper government, under pressure at home over its controversial Internet surveillance bill, including a renewed push from law enforcement to pass the legislation, continues to come under international pressure to pass Bill C-30. The legislation, dubbed the lawful access bill, contains provisions that would allow Canada to ratify an 11-year-old convention on Internet crime, which its allies are antsy to see approved. A confidential briefing note for Public Safety Minister Vic Toews, prepared ahead of a meeting with officials from the United Kingdom, notes that Canada has yet to ratify the Council of Europe Convention on Cybercrime, also known as the Budapest Convention, named after the city in which is was signed in 2001

FCPA Guide Underscores the Importance of Risk-Based Due Diligence (IPSA International) The term due diligence is mentioned 76 times in the newly released Resource Guide to the U.S. Foreign Corrupt Practices Act (FCPA Guide) where, over the past four years, corporations have paid more than $2 billion in fines arising from FCPA violations. According to the FCPA Guide, risk-based due diligence is critical to the detection and prevention of corrupt activities, the cornerstone of an effective anti-corruption program, and a key factor taken into consideration by the U.S. Department of Justice (DOJ) and Securities and Exchange Commission (SEC) in declining to pursue FCPA violations. The FCPA Guide underscores the importance of risk-based due diligence in two areas considered the most common sources of corruption risk - third-party intermediaries and mergers and acquisitions

Intelligence agents need whistleblower protections too (The Hill) This would include employees at the Central Intelligence Agency (CIA), National Security Agency (NSA), Defense Intelligence Agency (DIA) and intelligence units in most other government agencies. The House, in a bi-partisan accord, specifically stripped

Who's leading on critical infrastructure? (FCW.com) Although lawmakers, CEOs and officials at the highest levels say securing critical infrastructure against potential cyber threats is a top priority, it remains unclear who is leading the way. The failure of the Cybersecurity Act

Obama Administration in Talks to Draft Cyber-Security Executive Order (eWeek) A White House spokesperson declined to offer a further update on the progress of the order, which Department of Homeland Security Secretary Janet Napolitano said in September was close to completion. Just what the order would do is a matter of

UK regulators warn industries on customer data access (Fierce Big Data) While regulators in the U.K. drew a line in the sand last week for financial services companies, mobile operators and energy companies--warning them to comply voluntarily with rules governing customer access to data or be compelled to do so--lawyers from Pinsent Masons this week held the U.K.'s business-friendly approach to big data and anonymizing data as a model for the rest of the European Union

Litigation, Investigation, and Law Enforcement

'Significant deficiency' with Social Security Administration cybersecurity, say auditors (Fierce Government IT) Weaknesses in Social Security Administration cybersecurity during the last fiscal year collectively amounted to a significant deficiency, says the agency's office of inspector general. They base their finding of a significant deficiency also on financial auditor's discovery of a material weakness in agency financial systems

Nokia Wins Tribunal Ruling Against RIM In WLAN Patent Licensing Dispute (TechCrunch) More bad news for RIM: Nokia has won a tribunal ruling against the BlackBerry-maker regarding its WLAN-related patents. The ruling means RIM will have to pay royalties for handsets now considered to be in breach of a prior licensing agreement between the two. To enforce the tribunal's ruling, Nokia said it has now filed actions in the US, UK and Canada

Lynch declares innocence in open letter to HP board, HP fires back (IT World) The feud between Autonomy founder Mike Lynch and Hewlett-Packard's leadership over alleged accounting fraud at the software vendor has intensified, with Lynch declaring his innocence in an open letter to the company's board and HP quickly returning fire

FBI uses Twitter, social media to look for securities fraud (Reuters) The FBI sees social media as a potential breeding ground for securities fraud, and has agents scouring Twitter and Facebook for tips, according to two top agents overseeing a long-running investigation into insider trading in the $2 trillion hedge fund industry. April Brooks, a special agent in charge of the New York field office of the Federal Bureau of Investigation, and David Chaves, a supervisory agent, said it is hard to predict the next wave of securities fraud, but they add that it will have a lot to do with advances in technology and social media."I will tell you technology will play a huge part, social media, Twitter. Any kind of technology that is new and doesn't exist today, if there is any way to exploit it, these individuals will exploit it," Brooks told Reuters TV in an interview for the Reuters Investment Outlook 2013 Summit

Does Using Certain Privacy Tools Expose You to Warrantless NSA Surveillance? (American Civil Liberties Union News and Information) Can using privacy-enhancing tools (such as Tor or a Virtual Private Network) actually expose you to warrantless surveillance by the National Security Agency? This week, the ACLU sent off four FOIA requests to federal agencies in order to try and answer

WikiLeaks case focusing on Manning's confinement (USA TODAY) Supporters of an Army private charged in the biggest security breach in U.S. history packed a military courtroom on Tuesday as his attorneys made the case he'd already been punished enough when he was locked up alone in a

Man arrested in connection to cyber threats against law enforcement officers (Midland Reporter-Telegram) Special agents with Homeland Security Investigations (HSI) arrested a man Tuesday morning in connection with cyber threats made against West Texas law enforcement officers. Jacob Ramos Esparza, 30, was arrested around 1:30 a.m. Tuesday at an area truck

Construction company, bank, settle dispute over $345,000 cyber heist (CSO) Both had sought to hold the other responsible for theft

Romanian authorities dismantle cybercrime ring responsible for $25 million credit card fraud (CSO) Sixteen suspected members of a cybercrime gang that stole credit card data from foreign companies were arrested in Romania

Investigation Into General Narrows Look At E-Mail (New York Times) Two and a half weeks after Defense Secretary Leon E. Panetta announced an inquiry into e-mail exchanges between Gen. John R. Allen of the Marines and a socialite in Tampa, Fla., some 15 investigators working seven days a week in the Pentagon inspector generals office have narrowed their focus to 60 to 70 e-mails that bear a fair amount of scrutiny, a defense official said

LulzSec hacker faces 30 years to life (CSO) Jeremy Hammond is denied bail, placed on terrorist watch list. Jeremy Hammond is in really big trouble. Or, perhaps, the government is just trying to "scare the (expletive) out of him," in the words of Kevin Mitnick, formerly known as the world's "most-wanted hacker" and now a security consultant

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

First Annual Maryland Digital Forensics Investigation Conference and Challenge (, January 1, 1970) Test your knowledge of digital forensics and cyber investigations. Academic teams of four students from Maryland high schools, community colleges and universities will compete for prizes in the Cyber Crime...

Digital Security Summit (Riyadh, Saudi Arabia, December 1 - 2, 2012) A major conference to discuss the growing threat to digital security in the Middle East, especially in Saudi Arabia.

Passwords^12 (, January 1, 1970) Passwords^12 is a 3-day conference only about passwords & PIN codes. With an "all-star" cast of speakers, including Joan Daemen (AES/SHA3), Jens Steube (alias "atom", hashcat author), Colin Percival (CSO...

CompTIA Security+ Certification Boot Camp Training Program (Baltimore, Maryland, USA, December 3 - 6, 2012) For the cybergamut community, an opportunity to receive Computing Technology Industry Association certification.

tmforum Management World Americas (Orlando, Florida, USA, December 3 - 6, 2012) Management World Americas is the only conference covering end-to-end management of digital services and the challenges of running any service provider business. In addition to a full Cable Summit and Executive...

Cybergamut Tech Tuesday: Sandboxing goes mainstream (Columbia, Maryland, December 4, 2012) An overview of sandboxing as a key security technology.

CIO Cloud Summit 2012 (, January 1, 1970) The CIO Cloud Summit will help C-level executives better understand the true capabilities of cloud computing and the transformational opportunities it can bring.

BayThreat (Sunnyvale, California, December 7 - 8, 2012) The theme for BayThreat is a new spin on the dichotomy of attacking and defending in information security. We're calling out all of the attackers and defenders that are on the front lines of the battle.

2012 European Community SCADA and Process Control Summit (Barcelona, Spain, December 10 - 11, 2012) The European SCADA Summit brings together the program managers, control systems engineers, IT security professionals and critical infrastructure protection specialists from asset owning and operating organizations...

SANS SEC 504 - Hacker Techniques, Exploits & Incident Handling (Linthicum Heights, Maryland, USA, December 10 - 14, 2012) Rescheduled after Hurricane Sandy, this SANS Institute program provides information on how to recognize and respond to hacking.

tmforum Big Data Analytics Summit (Amsterdam, Netherlands, January 29 - 30, 2012) Bringing together leading service providers, market analysts and all of the big names in Big Data, this forward-looking, education-packed two-day Summit combines keynote perspectives, case studies, debates,...

#BSidesBOS (Cambridge, Massachusetts, USA, February 23, 2013) Each BSides is a community-driven framework for building events for and by information security community members. The goal is to expand the spectrum of conversation beyond the traditional confines of...

TechMentor Orlando 2013 (Orland, Florida, USA, March 4 - 8, 2013) Celebrating 15 years of educational events for the IT community, TechMentor is returning to Orlando, Florida, March 4-8, for 5 days of information-packed sessions and workshops. Surrounded by your fellow...

e-Crime Congress 2013 (London, England, March 12 - 13, 2013) The e-Crime Congress is designed to meet the needs of key stakeholders and decision makers who are responsible for designing and coordinating information security and risk management strategy, safeguarding...

The Future of Cyber Security 2013 (London, England, UK, March 21, 2013) Cyber Security and the Citizen 2013 is a one-day conference and exhibition for senior decision-makers of central and local government organisations, NGOs and major private sector enterprises.

Cloud Connect Silicon Valley (Santa Clara, California, USA, April 2 - 5, 2013) Cloud Connect returns to Silicon Valley, April 2-5, 2013, for four days of lectures, panels, tutorials and roundtable discussions on a comprehensive selection of cloud topics taught by leading industry...

InfoSec World Conference & Expo 2013 (Orlando, Florida, USA, April 15 - 17, 2013) With the primary objective of providing top-notch education to all levels of information security and IT auditing professionals, InfoSec World delivers practical sessions that give you the tools to strengthen...

25th Annual FIRST Conference (Bangkok, Thailand, June 16 - 21, 2013) The annual FIRST conference provides a setting for conference participants to attend a wide range of presentations delivered by leading experts in both the CSIRT field and from the global security community.

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.