skip navigation

More signal. Less noise.

Daily briefing.

Another news outlet (the Washington Post) is hacked for login credentials: China is the suspect.

Ransomware, both CryptoLocker and its younger, less capable cousin Browlock, continue to worry security analysts. McAfee sees ransomware's threat to businesses growing in 2014.

The alleged, apparent, BT backdoor seems less sinister: the suspicious addresses may have been chosen simply because they're pseudo–private and non–routable.

The airline industry grapples with the usual holiday wave of malware-bearing spam: KULUOZ is being delivered by attachments representing themselves as confirmations and e–tickets.

US retailer Target investigates a very large data breach that exposed customer paycard records; the Secret Service has also been called in. The breach seems to have occurred in–store, not online.

Paunch's arrest and its attendant disruption of Blackhole distribution continue to roil criminal markets (the Cutwail botnet is particularly affected).

The US Federal Election Commission was hacked in October, probably by Chinese operators.

Pro-Bitcoin hacktivists retaliate against China's restrictive virtual currency policy in attacks on that country's central bank.

The US Department of Homeland Security wants cloud providers to purchase insurance for their services.

The US President's Review Group on Intelligence and Communications Technologies has reported, and the White House released their findings and recommendations late yesterday. The report, "Liberty and Security in a Changing World," receives mixed reviews, but consensus finds it less supine than generally expected. It recommends an end to government attempts to undermine cryptography, restrictions on domestic and foreign data collection, and civilianization of NSA leadership.

Lawyers dissect Klayman v. Obama.

Notes.

Today's issue includes events affecting Brazil, China, European Union, India, Israel, Republic of Korea, Russia, Singapore, United Kingdom, United States..

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

Cyber Defense Initiative 2013 (Washington, DC, USA, December 12 - 19, 2013) NetWars Tournament runs over an intense two- to three-day period, at a conference or hosted onsite. Many enterprises, government agencies, and military bases are using NetWars OnSites to help identify...

FloCon2014 (Charleston, South Carolina, USA, January 13 - 16, 2014) FloCon 2014, a network security conference, takes place at the Francis Marion Hotel in Charleston, South Carolina, on January 13–16, 2014. This open conference provides a forum for operational network...

NASA Langley Cyber Expo (Hampton, Virginia, USA, January 14, 2014) The 2013 NASA Langley Cyber Expo is an annual event dedicated to Cyber Security and Information Technology at this secure facility. As the Cyber Expo hosts, the Office of the Chief Information Officer...

cybergamut Tech Tuesday: Malware Reverse Engineering - An Introduction to the Tools, Workflows, and Tricks of the Trade to Attack Sophisticated Malware (Columbia, Maryland, USA, January 21, 2014) Reverse engineering malware can be an integral part of every security team's calculus. This session provides a technical review of the tools, workflows, and advanced analytic insight a senior reverse engineer...

Cybertech Cyber Security Conference and Exhibition (, January 1, 1970) Cybertech Israel, the first event of its kind, will present world-leading companies in the field of cyber defense alongside young companies that offer unique solutions to advance the discipline of cyber...

U.S. Census Data Protection & Privacy Day (Suitland, Maryland, USA, January 28, 2014) The Census Bureau's Privacy Compliance Branch of the Policy Coordination Office is hosting a Data Protection and Privacy Day on January 28. This event is intended to provide a forum for Census employees...

2014 Cybersecurity Innovation Forum (Baltimore, Maryland, USA, January 28 - 30, 2014) The 2014 Cybersecurity Innovation Forum (CIF) is a three-day event, sponsored by the National Cybersecurity Center of Excellence (NCCoE) with DHS, NIST, and NSA as primary participating organizations.

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.