skip navigation

More signal. Less noise.

Daily briefing.

Syrian Electronic Army (SEA) pro-Assad hacktivists continue "random" web vandalism. Investigation of the SEA's successful attack on media sites they consider "unfair" to Assad continues, with no malware payloads yet found. (That's not unexpected: the SEA hasn't so far generally used its attacks as malware vectors.)

As the likelihood of Western punitive operations against the Syrian regime rises (French authorities predict some will occur by next Wednesday), fears of an asymmetric cyber response from Syria and its Iranian partner also rise. US banks are particularly concerned.

Last week's Nasdaq flash freeze is now being attributed to a flood of traffic from NYSE's Arca platform as Arca tried to connect to Nasdaq's Securities Information Processor (SIP). SIP couldn't throttle the traffic, and so trading halted.

Bring-your-own-device (BYOD) leads to a new trend in the cyber marketplace: BYOA (bring-your-own-attorney). Multinational firms support cyber talent cultivation with a new academy in the UK.

Several draft information security standards are being circulated, some general, others sector-specific (e.g. aviation).

The European Union intends to push domestic cloud services, significantly over concerns with US surveillance, but also with protectionist and dirigiste motives. Studies indicate that US Government appetite for surveillance data is not unique. It's not even world-leading: the US ranks just seventh in data requests.

As the US President's surveillance policy panel begins work (to considerable skepticism, but the panel may surprise skeptics with its independence), DNI Clapper announces plans to release an annual report giving figures on FISC court orders and national security letters.


Today's issue includes events affecting Australia, Brazil, European Union, France, Germany, Israel, New Zealand, Nigeria, Syria, South Africa, Taiwan, Turkey, United Arab Emirates, United Kingdom, United States..

The CyberWire will take a break Monday to observe the US Labor Day holiday, but we'll resume normal publication Tuesday.

Cyber Attacks, Threats, and Vulnerabilities

Syrian Hackers Promote Assad Government by Vandalising Random Web Sites (Cloudmark) The Syrian Electronic Army (SEA) has been getting a lot of press recently for successful phishing attacks against media outlets that they feel have painted an unfair picture of the Syrian government. In investigating hacked web servers used by spammers we've come across another, smaller, group supporting the Syrian Government. The SeCuR!TY LiONS HaCK3RS (sic) are not hacking into other peoples' web servers to send spam though. They are just doing it to deface the site with a pro-Assad message

US threat: Syria to retaliate with cyber attack? (FirstPost) f the United States attacks Syria, it will be the first time it strikes a country that is capable of waging retaliatory cyberspace attacks on American targets. The risk is heightened by Syria's alliance with Iran, which has built up its cyber capability in the past three years, and already gives the country technical and other support. If Iran stood with Syria in any fray with the United States that would significantly increase the cyber threat, security experts said. Organized cyber attacks have already been carried out by the Syrian Electronic Army (SEA), a hacking group loyal to the government of President Bashar al-Assad

Syria–Iran cyberwar fears are a diversion from real issues (ZDNet) Will western military action against Syria redound as cyber-disaster in western Internet infrastructure? There are many reasons for the US not to attack, but this isn't one of them

No Proof Of Malware In New York Times DNS Hijacking Attack (Dark Reading) No evidence thus far to confirm that the Syrian Electronic Army embedded malware on redirected Web pages, but investigation continues. Dropping malware isn't the usual M.O. for the Syrian Electronic Army (SEA): The pro-Assad hacktivist group is best-known for loudly spreading its message -- or even fake news -- via hijacked high-profile websites and Twitter accounts of media and other organizations, not for amassing bots or infecting machines. So when some security experts yesterday reported that malware may have been embedded in the Web pages the attackers redirected The New York Times website to, it signaled a possible shift in strategy by the group

Hack attacks, explained (Harvard Gazette) Computer network hackers calling themselves the Syrian Electronic Army earlier this week disrupted The New York Times' website for nearly a day and electronic publishing on the Twitter social network for several hours. Also targeted were the Huffington Post and other media outlets

Israel Prepares for Possible Cyber Attack (The Media Line) Israelis are lining up to get government-issued gas masks and stocking up on batteries and water just in case an American attack on Syria causes Syria or its ally

Phishers cast a wide net and catch a whale: The New York Times (IT World) The Times got hacked via the one security flaw it's nearly impossible to avoid: Human gullibility

Inside the Response to the New York Times Attack (Threatpost) Late Tuesday morning, one of the engineers in CloudFlare's San Francisco office saw a message on Twitter saying that the New York Times Web site was down. Minutes later, more messages appeared, as security researchers and others began looking into the situation and realized that someone may have compromised the site's DNS records. Understanding the ramifications of that sort of attack, if that's in fact what it was, Matthew Prince, CloudFlare's CEO sent an email to Rajiv Pant, the CTO of the Times, saying that the company's engineers would be available if Pant needed some help figuring out the situation. He did

U.S. Banks Seen as Targets of Syrian Cyber–Attacks (American Banker) The U.S. is planning for a possible wave of computer attacks against companies by hackers connected to Syria or Iran in retaliation for any military strike against the government of Bashar al-Assad, according to a person familiar with the planning. The National Security Agency has tapped hackers' computers in the Middle East to assess their ability to disrupt power grids, financial systems or other critical infrastructure, according to another person familiar with those operations

UAE twitter disruption blamed on Syrian hackers' US attack (The National) Users of one of the world's most popular social media sites have been experiencing problems with the service this morning. The browser-based version of Twitter was non-responsive to many in the UAE from just after 8am on Wednesday

Emirati academics have Twitter accounts hijacked by hoax virus (The National) A handful of active Emirati academics and writers on social site Twitter had their accounts hijacked in the past 24 hours. An unknown virus spreading through a link successfully seized five accounts of prominent users

Cyber-attack behind Afrihost, MTN Internet problems (MyBroadband) An outage on the MTN network on Wednesday, 28 August 2013, that affected its customers as well as service providers such as Afrihost and Axxess, was

Tor usage doubles in August. New privacy-seeking users or botnet? (Naked Security) The anonymising service Tor has seen a huge surge in use this month with the number of daily directly connecting users shooting up from a fairly consistent average of 550,000 over the last year to over 1,200,000 in August

Shutdown at Nasdaq Is Traced to Software (New York Times) Though the Nasdaq market calls itself home for the stocks of the world's biggest technology companies, the exchange acknowledged on Thursday that a three-hour halt in trading arose from a problem with its software. The Nasdaq OMX Group, the parent company, on Thursday released preliminary findings that provided the clearest official insight into what caused the trading halt, being called in trading circles as the "flash freeze"

Nasdaq operator admits partial blame for outage (Computer Weekly) Last week's three-hour shutdown of the tech-heavy Nasdaq raised fears over cyber attacks, but now the company that owns and operates the stock exchange has admitted partial responsibility. However, the Nasdaq OMX Group also blamed rival stock exchange operator NYSE Euronext for swamping Nasdaq's systems with "a stream of inaccurate symbols", according to the BBC

Rendering bug crashes OS X and iOS apps with string of Arabic characters (Ars Technica) CoreText bug crashes any iOS 6 and OS X programs that use the API. There's a new bug in town, and it's here to crash your Mac and iPhone applications. Posters in a HackerNews thread from late yesterday have discovered that it's possible to crash Web browsers and other apps running on current versions of iOS and OS X by making them render a specific, nonsensical string of Arabic characters. The title of the HackerNews thread implies that the issue is with the WebKit browser engine, but it actually affects any browser or application that uses Apple's CoreText API to render text. Ars Microsoft Editor Peter Bright has taken great pleasure in sending the text string to his co-workers, which has crashed the Limechat IRC client and Adium chat client, among other programs

PCs with Security Software May Still be Infected, Says Bitdefender (Finance Post) Online security vendor Bitdefender has warned consumers that installing an Internet security software in a PC may still not be an assurance that the computer would not be infected by a virus. The company said a wrong impression by PC users might expose them to potential risks

New Trojan Malware Disguises as Fake Xerox Scans (Finance Post) Online security vendor Bitdefender has warned office workers against responding to an email that invites them to open and download a supposed scanned file by a Xerox machine. According to the Internet security firm, such emails are among a series of messages in a new spam campaign that aims to infect unsuspecting victim's PC systems with the Trojan virus

Apple neglects OS X privilege escalation bug for six months, gets Metasploit on its case (Naked Security) Six months ago, we wrote about a risky bug in the sudo command, the Unix equivalent of Run As… on Windows. You use sudo to run an operating system command as a different user, usually root, the all-powerful Unix administrator account

Many major brand mobile apps not secure on Android, says study (CSO) Research from app development firm RIIS claims mobile apps from big-name brands like Walmart and Delta are full of security holes that can expose sensitive information

Homeland Security Worried About Android Security; They Probably Should Read SecurityWatch (PC Magazine) A report from the U.S. Department of Homeland Security shows that the government is becoming increasingly concerned about Android security threats. If the feds are grappling with how to keep Android phones secure, maybe they should just ask us for advice

Scammers Lure Twitter Users by Saying They Can Appear in Celebrity Music Videos (Softpedia) In case you're dreaming of appearing in the next music video of Miley Cyrus, Ariana Grande, Lady Gaga, Robin Thicke, Adele, Rihanna, or other popular artists, you should beware of a scam that's currently doing the rounds on Twitter

Security Patches, Mitigations, and Software Updates

VMware ESXi and ESX address an NFC Protocol Unhandled Exception (VMWare) VMware has updated VMware ESXi and ESX to address a vulnerability in an unhandled exception in the NFC protocol handler

Cyber Trends

Banking Trojans dominate malware in e–mail traffic (Help Net Security) The percentage of spam in email traffic in July was up only 0.1 percentage points and averaged at 71.2 per cent, according to Kaspersky Lab

Tech pioneer Vint Cerf on the age of context and why you can't be a citizen of the Internet (The Next Web) Few people have as much claim as Vint Cerf to the title "Father of the Internet," but as the technologies he helped develop in the 1970s and '80s become increasingly central to our lives, delighting us in ever more exciting ways, they're also facing greater scrutiny by the intelligence services

Forget "post–PC"—pervasive computing and cloud will change the nature of IT (Ars Technica) In the next five years, mobile tech and analytics will change how we work. Change happens in IT whether you want it to or not. But even with all the talk of the "post-PC" era and the rise of the horrifically named "bring your own device" hype, change has happened in a patchwork. Despite the disruptive technologies documented on Ars and elsewhere, the fundamentals of enterprise IT have evolved slowly over the past decade

Dropbox reverse engineering an omen for software industry (PCWorld) The risks of relying on the cloud have been discussed at length, but security researchers are about to add a new danger that users will soon have to worry about: Reverse engineering the software directly. In a new paper, "Looking inside the (Drop) box" [PDF], security pros Dhiru Kholia and PrzemysBaw Wegrzyn outline in painstaking detail the steps they took to successfully decode the program that makes up the Dropbox user client, essentially opening it (and their would-be victims' accounts) up for direct attack

Would you publicly report a security breach? (Help Net Security) Recent research by AlienVault revealed that only 2% of surveyed EU companies would be willing to go public should they suffer a security breach. 38% opted to inform the relevant authorities and 31% said

Australian organizations are not effectively managing IT risks (Help Net Security) The Australian chapters of ISACA highlighted the potential for security breaches and major technology disasters at leading Australian organizations, with 60% of IT professionals stating they do not be

Information Security's Real Threat: Oversharing (InformationWeek) Too much sharing and too little risk and security management are bad for business, especially among SMBs. It's a safe bet Voltaire wasn't thinking of Facebook when he wrote those words, but it's a useful warning for businesses now enjoying the growing clout of social media. Reaching thousands of customers by dashing off a quick sentence and hitting 'Share' is both great and powerful -- but too much sharing without enough risk management can be bad for business

New Security Trend: Bring Your Own Attorney (InformationWeek) BYOA is not a security joke anymore. There is clearly a need for a cybersecurity community that is well-versed in legal and ethical principles

VMware: Enterprises Still Need Data Centers (InformationWeek) VMware's Gelsinger tells VMworld that cloud services can't yet handle tough compliance, governance and service level requirements


Java security will be in the spotlight at JavaOne (InfoWorld) Oracle isn't shying away from Java's well-publicized security issues at the upcoming conference

Employer–backed Cyber Academy launches to boost UK's information security skills (CIOL) As part of its National Skills Academy for IT, e-skills UK has launched the Cyber Academy. This employer-led programme of work will help the nation develop the cyber security skills it needs to manage future threats and stay at the forefront of this rapidly evolving and expanding field

Why The NSA Is The Least Of Your Cloud Concerns (Forbes) Revelations over the NSA's aggressive data collection have ignited fears that customers will abandon U.S. cloud companies—or even cloud computing itself. The fears are unfounded and will dissolve. Here's why

How Worried Should Small Businesses Be Regarding Cyber Security? (Forbes) By some estimates, network-based attacks, such as DDOS (short for Distributed Denial of Services), which have the ability to take down large computing networks, have increased by 700 percent this year. Targeted DDOS attacks against internet service providers, domain registrars, web hosting providers, and individual businesses have been known to cripple thousands of websites simultaneously for extended periods of time

Growing Your eCommerce Business Through Security (McAfee Blog Central) With online shopping already a major part of U.S. retail sales culture, it is crucial for merchants to figure out how to differentiate themselves from the competition. While there are many factors that determine the success of an eCommerce business, building trust is one of the most important when it comes to reducing shopping cart abandonment and boosting sales. To build this trust, businesses need to ensure that site visitors feel sufficiently comfortable sharing personal details like credit card and billing information. In addition to backend security like firewalls and web application protection, confidence elements like trustmarks can help improve customer confidence and ultimately lead to an increase in traffic

Procera Lands Multi-Million Order from Top 5 Mobile Operator in Latin America (Converge Digest) Procera Networks confirmed the receipt of an initial multi-million dollar order from a Tier 1, top 5 Latin American mobile network operator (MNO). Initial revenue is expected to be recognized in the second half of 2013

Carlos Salazar Promoted to IntelliDyne CFO (GovConWire) Carlos Salazar, who joined IntelliDyne in 2010 from Accenture, has been promoted to chief financial officer at the Falls Church, Va.-based public sector consulting firm

Serco Receives Pentagon Industrial Security Excellence Award (GovConWire) Serco's U.S. subsidiary has received an award from a Defense Department organization, acknowledging the company's work to establish security measures and best practices

Northrop to Acquire Australia's Qantas Airways Defense Unit (GovConWire) A Northrop Grumman Corp. (NYSE: NOC) subsidiary has reached an agreement to buy Qantas Airways' defense business for an undisclosed amount as Northrop looks to further its international strategy. Northrop Grumman Australia Pty Ltd.'s acquisition of Qantas Defence Services Pty Ltd. could wrap up in 2014 after meeting several conditions, Northrop Grumman said Wednesday. Wes Bush, Northrop Grumman chairman, CEO and president, said the QDS buy will help expand the company's unmanned, C4ISR, cyber and logistics and modernization platform

Proxynet partners Fire Eye solution to tackle cyber attack on Businesses in West Africa (Business Daily) As part as of its effort to provide solution to protect important data and information of financial organisation, government and businesses from incidence of cyber attack, Proxynet Communications Limited has committed over 80,000 US dollars in partnership with Fire Eye, a US based web malware protection system company to safe guard data of corporate organisations against the upsurge of cyber attacks

Products, Services, and Solutions

Firefox OS may be the Ubuntu slayer in smartphones (IT World) The low cost of Firefox OS smartphones has given them a leg up against the competition, while the Ubuntu Edge is having trouble even getting out of the gate

WatchGuard updates email and web security appliance (Help Net Security) WatchGuard Technologies introduced the WatchGuard XCS 880, which is designed to meet the email and web-based content security needs of large enterprises. Delivering 20 percent more processing power

In Facebook's Proposed Privacy Policy Updates, Your Face Pics Really Do Matter (All Things D) Facebook is considering making another set of changes to its data-use and user-rights policies, a move that the company positions as a clearer way to explain how Facebook uses member data

Blackbag Technologies: Blacklight® 2013 R2 Software Release (Forensic Focus) BlackBag Technologies, Inc., a leading developer of forensics software and training solutions, today announced the immediate availability of BlackLight 2013 R2, a comprehensive iPhone, iPad, Mac OS X, and Windows forensic analysis tool. This latest release includes improved data search and processing speeds, and advanced evidence mapping and analysis features

Oxygen Forensic Suite 2013 Enhances Mobile Analytics with Links and Stats (Forensic Focus) Oxygen Software has updated its flagship mobile forensic product, Oxygen Forensic Suite 2013, enhancing mobile analytics with Links and Stats view. Replacing previously available Communication Statistics with revised Links and Stats view, the update helps mobile forensic specialists analyzing users' communication statistics by aggregating information from a wide range of sources such as calls and messages, emails, numerous social networks, chats, instant messengers and other types of applications

Forensic Explorer Fast Shadow Copy Access Added (Forensic Focus) Australian software company GetData Forensics adds Volume Shadow Copy analysis to Forensic Explorer. "Volume Shadow Copies are a potential gold mine for the forensic investigator" said GetData Managing Director John Hunter. "Until recent times they have often been overlooked due to difficulty of access. Forensic Explorer changes this"

Technologies, Techniques, and Standards

Administration Previews Optional Industry Cyber Standards (NextGov) The Obama administration has released a draft of computer security protocols for companies that operate key systems, such as chemical plants and the electric grid. The document admittedly does not address privacy issues

Making sense of your logs (SC Magazine) As organizations continue to embrace cloud, mobility and agility-driven business models, formerly well-defined network boundaries evolve into virtual bridge and termination points. So, is it sufficient to continue with the traditional log-aggregation model that drives security information and event management (SIEM)

IPv6 To Complicate Threat-Intelligence Landscape (Dark Reading) A common type of Internet-based threat intelligence is the assigning of reputation scores to the source of traffic, usually expressed as a certain Internet address or domain. Yet, with the gradual--some would say "glacial"--move to the Internet Protocol Version 6 (IPv6) address scheme, the Internet's address space will grow from merely big to nearly infinite. The vastness of the address space will cause problems for many threat-intelligence firms, from allowing attackers to use a new address for every attack to causing a rapid expansion in the size of the database needed to track the data on various sources, says Tommy Stiansen, chief technology officer for Norse, a real-time threat intelligence provider

Implement ISO 27001 according to current 2005 revision, or wait for new 2013 revision? (ISO 27001 & ISO 22301 blog) Currently, the most repeated question I hear from companies implementing ISO 27001 is: "I heard a new revision of ISO 27001 is soon to be published - what should we do? Should we wait for the new revision or implement the standard according to the currently valid revision from 2005?" My suggestion is: if you can finish it rather quickly, use the current 2005 revision; if you are just starting, go straight away with 2013 revision. Here's why

Open security isn't just software, say government open source advocates (FierceGovernmentIT) Open source advocates within government say the many eyeballs approach to creating software functionality can extend to improving system cybersecurity. The Homeland Security Department has quietly for a few years now run a program dubbed Homeland Open Security Technology, adding money for development of an open source intrusion detection and prevention engine known as Suricata and funding FIPS 140-2 validation of an open source toolkit for implementation of SSL and TLS known as OpenSSL

NIST discussion draft of cybersecurity framework leaves many unanswered questions (FierceGovernmentIT) A discussion draft of the preliminary cybersecurity framework still leaves a lot of the implementation details undecided, acknowledge National Institute of Standards and Technology officials. NIST released the discussion draft (.pdf) Aug. 28 in anticipation of a fourth workshop on the framework set to be held in Dallas Sept. 11-13. A preliminary framework is due this October, with a finalized version due in February

Big Mother is watching you (Financial Times) When Apple introduced the Find My iPhone app three years ago, its aim was to help people locate their lost smartphones. But EJ Hilbert, a 43-year-old former FBI officer, had a better idea - installing the app on his three children's devices, so that he could track them wherever they went

Pushing for Perfect Forward Secrecy, an Important Web Privacy Protection (EFF) When you access a Web site over an encrypted connection, you're using a protocol called HTTPS. But not all HTTPS connections are created equal. In the first few milliseconds after a browser connects securely to a server, an important choice is made: the browser sends a list of preferences for what kind of encryption it's willing to support, and the server replies with a verification certificate and picks a choice for encryption from the browser's list. These different encryption choices are called "cipher suites." Most of the time, users don't have to worry about which suite the browsers and servers are using, but in some cases it can make a big difference

Doxing : The Dark Side of Reconnaissance (Infosec Institute) Doxing is a coin with two sides. Doxing can be used for security, research and collecting proof for investigation in one hand but in other hand, it can be used for cyber harassment and other serious cyber issues. But here, after lots of research, I learned that Doxing is a part of Reconnaissance, which generally focuses on its dark side. So before entering into the dark side, let's first understand the bright side i.e. Reconnaissance

Missing the Real Opportunity of Snowden and Manning (CSO) Failing to recognize the underlying point of these and similar actions, we miss out on the necessary conversation we need to have as an industry, and in our organizations

AIAA Releases Cybersecurity White Paper (AINonline) The American Institute for Aeronautics and Astronautics (AIAA) has expressed concern about the lack of an international agreement on tackling the cybersecurity threat to commercial aviation around the world. The group gave the warning in a new white paper published on August 13 called A Framework for Aviation Cybersecurity

Making Intrusion Prevention and Malware Protection Work Together to Combat Modern Attacks (SecurityWeek) There's a lot of talk in the security industry and among organizations about the threats we face - malware, advanced persistent threats, zero-days, targeted attacks, viruses, Trojans, Distributed Denial of Service attacks, worms, phishing…the list goes on and on. But no matter how you parse it, it all comes down to threats. More specifically, two fundamental types of threats: known and unknown

Research and Development

Let Me Answer That For You: Exploiting Broadcast Information in Cellular Networks (Technische Universitãt Berlin and Deutsche Telekom) Mobile telecommunication has become an important part of our daily lives. Yet, industry standards such as GSM often exclude scenarios with active attackers. Devices participating in communication are seen as trusted and non-malicious. By implementing our own baseband firmware based on OsmocomBB, we violate this trust and are able to evaluate the impact of a rogue device with regard to the usage of broadcast information. Through our analysis we show two new attacks based on the pag- ing procedure used in cellular networks. We demonstrate that for at least GSM, it is feasible to hijack the trans- mission of mobile terminated services such as calls, per- form targeted denial of service attacks against single sub- scribers and as well against large geographical regions within a metropolitan area

Dust: A Blocking–Resistant Internet Transport Protocol (University of Texas) Censorship of information on the Internet has be en an increasing problem as the methods have become more sophisticated and increasing resources have been allocated to censor more content. A number of approaches to counteract Internet censorship have been implemented, from censorship - resistant publishin g systems to anonymizing proxies. A prerequisite for these systems to function against real attackers is that they also offer blocking resistance. Dust is proposed as a blocking - resistant Internet protocol designed to be used alone or in conjunction with e xisting systems to resist a number of attacks currently in active use to censor Internet communication. Unlike previous work in censorship resistance, it does not seek to provide anonymity in terms of unlinkability of sender and receiver. Instead it provid es blocking resistance against the most common packet filtering techniques currently in use to impose Internet censorship

NSA seeks 'groundbreaking' spying powers, new leak reveals (CNET) The US government's spying budget includes funds to invent new technologies "to defeat adversarial cryptography and exploit Internet traffic," leaked documents

DARPA Demos Mobile Network Tech (ExecutiveGov) The Defense Advanced Research Projects Agency has ended phase one of field-testing of its Content-Based Mobile Edge Networking program, kicking off the next stage of the project aimed to mature the technology


University of Fairfax partners with Defense Acquisition University on Cybersecurity (CivSource) Earlier this week CivSource reported on the Big Data Institute announced by the University of Virginia and its possible overlapping work with the state's cyber security initiative Semper Secure. Now, the University of Fairfax and Defense Acquisition University are joining in. Military and civilian government employees and contractors who have completed Defense Acquisition University (DAU) coursework may now be able to receive graduate credit towards a master's or doctoral degree in cybersecurity from the University of Fairfax (UoF)

University cybersecurity: Different, but still the same (GCN) Universities are shoring up their cybersecurity strategies amid a rising wave of attacks on their networks. Schools from the University of North Carolina to the University of California at Berkeley have doubled the size of their IT staffs and/or budgets in order to address the problem

Legislation, Policy, and Regulation

Europe pushes own digital 'cloud' in wake of US spying scandal (EurActiv) In June and July 2013, the Cloud Security Alliance, an industry group, surveyed members and other cloud computing stakeholders about their reactions to the

Snowden Leaks $52 Billion Intelligence Budget, Reveals "Offensive Cyber Operations" (TechCrunch) National Security Agency leaker and new Russia resident Edward Snowden has leaked a top-secret $52 billion intelligence budget to the Washington Post. The partially redacted budget reveals the successes and shortcomings of the United States' sprawling intelligence apparatus, as well as the justifications for top-line budget items

New Snowden Leak Reports 'Groundbreaking' NSA Crypto–Cracking (Wired) The latest published leak from NSA whistleblower Edward Snowden lays bare details of the U.S. government's highly classified 2013 intelligence budget, and makes the first reference in any of the Snowden documents to a "groundbreaking" U.S. encryption-breaking effort targeted

U.S. appetite for Internet user data not unique (ComputerWorld) Analysis of transparency reports from Google, Microsoft, Skype show other countries equally -- or more -- demanding

The Coming Standoff Between Tech Companies and Government (Wired) Given X-Keyscore was a program primarily designed to intercept unencrypted internet traffic, you could be forgiven for interpreting Facebook's post as a middle finger pointed in NSA's direction. This heralds a looming standoff between technology companies like Apple, Facebook, and

Clapper to Publish Numbers of Secret Spying Orders (ABC News) The nation's top intelligence official said Thursday that he'll now release figures every year on how many new top secret court orders and national security letters are issued and how many people are targeted because of them

White House NSA surveillance board heavy on the Washington insiders (FierceGovernmentIT) President Obama's picks for a five member group tasked with reviewing National Security Agency surveillance has drawn criticism over its insider-heavy composition

Can the NSA review panel's 'new thinking' really change privacy policy? (The Verge) Questionable appointments and a vast scope could make real progress unlikely. On Tuesday, President Barack Obama officially announced the five men in charge of reviewing the secretive and powerful US intelligence apparatus: Richard A. Clarke, Michael Morell, Cass Sunstein, Geoffrey Stone, and Peter Swire. The group — which includes three former White House advisors and one former CIA deputy director — will be given the task of restoring public trust in a much-maligned program, using what Obama has called "new thinking for a new era." But how much new thinking can be done in a few months, and how motivated are the panelists to make real changes

The Definitive NSA Parody Site Is Actually Informative (Forbes) When I was working on a story about how much information the NSA data center in Utah might actually hold, a colleague sent me a link to this site, suggesting that the NSA was actually pretty transparent about its plans in Bluffdale. The "" site had maps and photos of the data center, an overview of the plan for the site, and a description of the equipment that would be used there, as well as links to relevant articles. While the site looks very much like the NSA's and much of the information – as gleaned from news articles – is accurate, it's a parody site that takes on the bureaucrasona of the fictional "Domestic Surveillance Directorate"

Litigation, Investigation, and Law Enforcement

Injunction to continue in Miranda press freedoms case: expedited Judicial Review to be heard in October to scrutinise Government assertions (Bindmans) Last week, Mr Miranda made an urgent application for an interim injunction to stop inspection of the documents seized from him when he was detained at Heathrow airport on 18 August. His application was based on the principle that police and Government officials should not be able to use terrorist powers unlawfully to gain material from journalists and then inspect that material freely while the lawfulness of their actions is still being determined by a Court. As Lord Justice Laws made clear at the hearing 'All bets are off' as to the legality of the Defendants' actions. The court granted an injunction that permitted the Government access to the material seized on narrowly defined grounds

Glenn Greenwald's Partner Was Carrying A Stunning Amount Of Sensitive Documents When He Was Detained (Business Insider) Glenn Greenwald's partner, David Miranda, was carrying a stunning amount of government documents when he was detained by British authorities for nine hours earlier this month

Kim Dotcom Blasts New Zealand Police 'Cover-up' (SecurityWeek) Megaupload founder Kim Dotcom accused New Zealand police of selectively applying the law Friday after they opted not to prosecute intelligence officials who illegally spied on him

Customer lawsuit tied to Symantec source code hack dismissed (SC Magazine) A California judge has dismissed a customer lawsuit stemming from the 2006 theft of its security product source code from Symantec. U.S. District Court Judge Jon Tigar, sitting in San Francisco, tossed the case because the plaintiff, Texas resident Kathleen Haskins, failed to demonstrate that the product she purchased was among those impacted by the breach, according to court documents. The dismissal was made following a motion filed by Symantec

Finjan Holdings Subsidiary Files Patent Infringement Lawsuit Against Blue Coat Systems (Dark Reading) Finjan Holdings, Inc. (OTC MKT: FNJN) (the "Company") today announced its subsidiary, Finjan, Inc. (Finjan) has filed a patent infringement lawsuit against Blue Coat Systems, Inc., alleging infringement of Finjan patents relating to endpoint, web, and network security technologies

Australian who boasted of hacking to plead not guilty to charges stemming from raid (CSO) Dylan Wheeler, who claimed in February to have breached Microsoft's and Sony's networks, has not been charged with hacking

Cyber Attack On HMRC Leads To Arrests For Tax Fraud ( A cyber-attack on HM Revenue and Customs (HMRC), involving an attempted GBP500,000 (USD775,895) tax fraud, has led to the arrest of five men

Snowden suspected of bypassing electronic logs (InformationSecurity) The U.S. government's efforts to determine which highly classified materials leaker Edward Snowden took from the National Security Agency have been frustrated by Snowden's sophisticated efforts to cover his digital trail by deleting or bypassing electronic logs, government officials told The Associated Press. Such logs would have showed what information Snowden viewed or downloaded

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

SANS Thailand 2013 (Bangkok, Thailand, August 19 - 31, 2013) SANS hands-on advanced Information Security training is coming to Thailand this August! SANS is bringing our Web App Penetration Testing course to the Crowne Plaza Bangkok Lumpini Park in Bangkok, Thailand.

SANS Thailand 201 (Bangkok, Thailand, August 19 - 31, 2013) SANS hands-on advanced Information Security training is coming to Thailand this August! SANS is bringing our Web App Penetration Testing course to the Crowne Plaza Bangkok Lumpini Park in Bangkok, Thailand.

TechCrunch Disrupt San Francisco (San Francisco, California, September 7 - 11, 2013) For the fourth year in a row, TechCrunch Disrupt will take over the San Francisco Design Center Concourse, and we're bringing the hottest startups and best minds in the industry with us. Block off September...

High Technology Crime Investigation Association 2013 International Conference and Training Expo (Summerlin, Nevada, USA, September 8 - 11, 2013) The High Technology Crime Investigation Association (HTCIA) Annual Conference is committed to bringing its participants — members or non–members — the best training, tools and networking the industry has...

SANS CyberCon Fall 2013 (Online, September 9 - 14, 2013) With sequestration still in place, organizations are finding themselves with training budgets, but drastically reduced travel budgets. This one-of-a-kind online training event brings SANS' top instructors...

15th Annual AT&T Cyber Security Conference (New York, New York, USA, September 10, 2013) The AT&T Cyber Security Conference is an annual day-long conference offered by the AT&T Chief Security Office. Combining the expertise of its security experts, the scale and reliability of its global IP...

First Regional Southeast Conference on Cyber Security for National Secuerity (Charleston, South Carolina, USA, September 10, 2013) The First Southeast Regional CS4NS Conference focuses on the immediate need of strengthening the critical cyber infrastructure of our nation. The conference will address the current cyber security state...

First Regional Southeast Conference on Cyber Security for National Security (Charleston, South Carolina, USA, September 10, 2013) The First Southeast Regional CS4NS Conference focuses on the immediate need of strengthening the critical cyber infrastructure of our nation. The conference will address the current cyber security state...

International Common Criteria Conference (Orlando, Florida, USA, September 10 - 11, 2013) FBC invites you to participate in the International Common Criteria Conference (ICCC) taking place in Orlando, Florida. This is the first time since 2000 that the ICCC is taking place in the U.S. The ICCC...

Angel Venture Forum: Cyber Security & Healthcare Investment Conference (Washington, DC, USA, September 11, 2013) With the increasing adoption of cloud computing, mobile devices and web-based applications, hackers have more opportunities than ever to infiltrate and crash network systems, especially in healthcare,...

GrrCon (Grand Rapids, Michigan, USA, September 12 - 13, 2013) Says IT World, "Another hacker conference, this time in Michigan. The schedule looks to be bawdy, brash and anything but dull, with hackers promising to "pwn" you before you leave town. There are also...

cybergamut Technical Tuesday: Malware Analysis for the Masses (Columbia, Maryland, USA, September 17, 2013) With malware becoming more prevalent, and the pool of capable reversers falling short of overall need, there is a greater need to provide quick and efficient malware analysis for network defense. With...

GovConnects Business Breakfast: Surviving Sequestration (Elkridge, Maryland, USA, September 17, 2013) This Business Breakfast will feature presentations by seasoned professionals in the field of government contracting as they share best practices for dealing with current challenges of doing business in...

Shaping the Future of Cybersecurity Education Workshop (Gaithersburg, Maryland, USA, September 17 - 19, 2013) The third annual Shaping the Future of Cybersecurity Education Workshop will be held at the National Institute of Standards and Technology (NIST) in Gaithersburg, MD and focus on "Navigating the National...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.