As Red October finishes rolling up its command-and-control infrastructure, security engineers discuss the technical elements of attack attribution, why attribution is so difficult, and whether it's even worthwhile.
DDOS campaigns mounted through botnets will continue to give banks headaches, and here's another headache, not confined to banks: "Distributed Spam Distraction"—a heavy influx of spam messages—can serve as cover for online theft.
Oracle's recent Java patches have included some third-party toolbars, industry observers note with disapproval. A phishing campaign is using bogus DocuSign messages to target enterprises through their employees.
Cyberwarzone discusses Blue Coat and Fin Fisher, and what they mean for online anonymity. Mega (Megaupload rebranded and repurposed as a storage service) scrambles to fix vulnerabilities.
FaceWash offers university students a way of cleaning up their social media history before they hit the job market. ReVuln is developing a hot-patching service for SCADA systems.
DARPA's "Plan X" sponsors research into targeted attack analysis. Google recently hired Ray Kurzweil, who in an interview says he'll focus on computers' natural language capabilities. Natural language is also of interest to password crackers: researchers at Carnegie Mellon and MIT introduce grammar-recognition into a cracking tool they've added to John the Ripper.
Dawson College's expulsion of Ahmed Al-Khabaz shows the cultural gap that persists between the academic and industrial worlds. Dawson expelled the student (who understood himself as a white hat hacker) for "unprofessional conduct," yet Al-Khabaz is now sought-after by companies who value his skills (and apparently agree he's a white hat).
Today's issue includes events affecting Australia, Canada, China, Germany, Malaysia, New Zealand, Russia, Singapore, United Kingdom, United States.
Cyber Attacks, Threats, and Vulnerabilities
Red October malware attacks highlight attribution problems(TechTarget) The Red October malware attacks announced by Kaspersky Labs on Jan. 14 came with their own built-in clues as to the source of the unusually complex botnet. Modules used in Red October appear to have been coded by Russian-speaking developers, whereas the exploits used to target Microsoft Word and Excel vulnerabilities are thought to have been created by Chinese hackers, according to analysis by Kaspersky Labs. However, such speculation highlights the difficulties in attack attribution -- and at least a few forensics experts believe the efforts to find "whodunit" may be wasted
'Botnets' Run Wild(Washington Post) These have not been easy days for cybersecurity experts at some of the nation's leading banks. A barrage of attacks on bank networks has intensified since September, clogging Web sites with traffic, slowing or crashing them. The banks have not lost data, but their online services have been interrupted.
Blue Coat the program that is used by your government to filter your web(Cyberwarzone) Are you sure that you are Anonymous when you are using a VPN? Well, you could be if your country is not listed in the 61 countries that are using the Blue Coat software or Fin Fisher. Blue Coat got in the news when the Hacktivist cluster Telecomix released a 54GB censorship log that had been found on the Syrian domain
What Are Zero-Day Exploits?(Fearless Web) There has been a lot of discussion on the Internet recently about the Java 7 zero-day exploit, which has affected many computers worldwide. But what exactly is a zero-day exploit and how does it differ from other types of threats
Security Patches, Mitigations, and Software Updates
What Antivirus Shortcomings Mean For SMBs(Dark Reading) Accepting the risks that come with relying solely on AV not only puts data at risk, it could kill future earning potential. As criminals continue to hone their digital attacks against SMBs, smaller organizations will have to do more than put up token cybersecurity defenses if they want to protect their intellectual property, their customers and their cash flow, experts warn. And step one in giving up the security charades is admitting that there needs to be more to an annual security budget than a few dollars squirreled away for antivirus software renewals
Supply Chain Uncertainties Make Security Difficult(Dark Reading) Supply-chain security has become a growing concern for national governments and large enterprises, but the degree to which compromised technology is a threat remains uncertain, especially since backdoors are hard to detect and, once found, deniable. In November, the acting chief information officer of Los Alamos National Laboratory reported in a letter to the National Nuclear Security Administration that the lab's technicians had removed two network switches made by a subsidiary of network giant Huawei Technologies based in Hangzhou, China, according to a Reuters report published earlier this month. The letter came after the House Armed Service Committee requested information on supply-chain risks from the Department of Energy
Are China's economic ambitions the reason why cyber-attacks from China are rising?(Quartz) The quarterly "State of the Internet" report from consultancy Akamai Technologies (we've also reprised some of its other findings) confirms something about China that the US government has already flagged: The nation is a huge and growing source of cyber-attacks. As this table from Akamai's report shows, the share of the world's "attack traffic" originating from China more than doubled in the third quarter of last year over the previous three months
The cloud will impact the way security is consumed(Help Net Security) Increased adoption of cloud-based computing is expected to impact the way security is consumed as well as how key government agencies will prioritize security of public cloud infrastructures
Embrace BYOD or die(Help Net Security) Dell Quest Software announced the results of a global survey of IT executives to gauge the level of organizational maturity with existing BYOD strategies, along with realized and anticipated benefits
The arrival of the post-PC threat era(Help Net Security) With the release of its 2012 Annual Roundup and Mobile Security reports, Trend Micro documents how cybercriminals have moved beyond the PC, targeting Android, social media and even the Mac OS X with
Marine Corps looks to smart devices for warfighters(Fierce Government IT) Rather than, for example, build a new system to capture photographs of possible improvised explosive devices for analysis with dedicated hardware and software, "they can leverage a mobile device that will take that picture and send it back to the server, and all [the Marines on patrol] are focused on is the application," said Capt. Josh Dixon, project officer for technology transition within the Marine Corps Systems Command
California M&A Activity Reaches Highest Level Since 2009, With Tech Deals Leading The Way(TechCrunch) California saw about $91.1 billion worth of mergers and acquisitions last year, the strongest level seen since 2009, according to Mergermarket. The fourth quarter saw a 10.4 percent increase over the third quarter and about a 25 percent increase over the same time a year earlier. The fourth quarter alone was the best one for mergers and acquisitions since 2007. Naturally, the technology sector led
General Dynamics posts $2.1 billion quarterly loss, citing challenges in technology group(Capital Business) Falls Church-based General Dynamics reported Wednesday that its fourth-quarter earnings plummeted to a loss of $2.1 billion, suggesting that some of the area's top local contractors may be hitting tougher times. General Dynamics attributed much of the dramatic fall to a $2 billion goodwill impairment charge the company took in connection with its information systems and technology group, which it said is being hurt by "slowed defense spending"
Symantec Announces New Strategy; Streamline and Simplify(Dark Reading) Will focus on 10 key areas that combine existing products and services. Symantec Corp. (Nasdaq: SYMC) today announced a new strategy that will streamline and simplify the company so it can deliver significantly improved performance for customers and partners
RIM's 7 days in January(Fierce Mobile IT) Research in Motion (NASDAQ: RIMM) kicked off its BlackBerry 10 launch with the unveiling of the BlackBerry Enterprise Service 10 on Wednesday. It will culminate in the long awaited launch of BlackBerry 10 operating system and handsets on Jan. 30
GTRI Names 17-Year Tech, Consulting Vet Eric Toler CFO(Govconwire) Global Technology Resources Inc. has appointed Eric Toler, former chief financial officer at cloud computing firm T3Media, to serve as CFO at GTRI. GTRI said Toler will oversee financial operations, accounting, budgeting, banking, corporate governance and merger and acquisition activities. Glenn Smith, GTRI chief operating officer, said Toler brings experience in both business modeling and
TASC Names 15-Year SAIC Vet Amanda Brownfield Mission Analysis VP(Govconwire) TASC has appointed Amanda Brownfield, a 15-year veteran of Science Applications International Corp. (NYSE: SAI), to serve as vice president of TASC's mission analysis business unit. The company said Brownfield will lead and manage work for two intelligence customers and oversee program-protection services to other government customers. "Amanda's leadership, energy and customer focus have enabled
Capgemini Promotes Douglas Charles to Govt Solutions CEO(Govconwire) Capgemini has promoted Douglas Charles, a vice president for North American applications services, to serve as CEO for its U.S. government solutions division. The company said Charles, a five-year Science Applications International Corp. (NYSE: SAI) veteran, will be responsible for Capgemini's strategy and growth in U.S. public sector markets of areas of unemployment insurance, business
Products, Services, and Solutions
Nokia Confirms The PureView Was Officially The Last Symbian Phone(TechCrunch) Symbian is now officially dead, Nokia confirmed today. In the company's earnings announcement that came out a little while ago, Nokia confirmed that the 808 PureView, released last year, was the very last device that the company would make on the Symbian platform: "During our transition to Windows Phone through 2012, we continued to ship devices based on Symbian," the company wrote. "The Nokia 808
Amazon Gets Into Voice Recognition, Buys Ivona Software To Compete Against Apple's Siri(TechCrunch) Amazon today announced that it is acquiring Ivona Software, a specialist in voice technologies that competes with Nuance and is already used in the Kindle Fire. The terms of the deal were not disclosed. "IVONA's exceptional text-to-speech technology leads the industry in natural voice quality, accuracy and ease of use. IVONA is already instrumental in helping us deliver excellent accessibility
'Actual Facebook Graph Searches' Tumblr highlights social network's bizarre new feature(IT Proportal) Facebook chief Mark Zuckerberg last week introduced Graph Search, the social network's "next big thing." But the feature comes with a few drawbacks for Facebook users, a collection of which one blogger has compiled in an amusing new Tumblr page. Tom Scott's Actual Facebook Graph Searches includes screenshots from the more bizarre and entertaining Facebook Graph search results, including a search for "mothers of Jews who like bacon" (fewer than 100 people found)
FaceWash web app promises to clean up users' Facebook history(IT Proportal) Most Facebook users have embarrassing comments or status updates hidden in the depths of their social network profile - long forgotten but not gone. So why not tidy up a little with the new FaceWash web app? The service, which is geared primarily toward recent graduates, aims to delete your seedy Facebook history before you enter the professional world
Microsoft's Project Online takes PPM to the cloud(TechRepublic) While Project 2013 desktop application is coming out with a number of improvements for project managers and their teams, Microsoft hasn't forgotten the cloud. Project Online, Microsoft's cloud-based Project Portfolio Management (PPM) solution, is rolling out with improvements and is a better fit into the new world of SharePoint 2013/Office 2013 than Microsoft Project. It comes with 25 user licenses, and your team can access project information from a range of browsers and mobile devices
Who's to blame for Windows 8 flop? PC makers, says Microsoft(Quartz) It appears that the finger-pointing over the slow start of Windows 8 has begun. PC makers ignored Microsoft's advice to make large numbers of high-end tablets that would show off Windows 8's new interface and touch capabilities, which left Microsoft executives fuming, reports The Register
Popularity of Chinese version of Twitter growing in China(Fierce Government IT) A Twitter-like platform in China has surpassed 400 million registered accounts, generating 150 million posts per day and serving as a "vigorous virtual public square" and "steam valve for discontent" for the world's most populous country, said David Wertime, co-founder and co-editor of Tea Leaf Nation, an English-language online magazine that synthesizes and analyzes Chinese social media
Technologies, Techniques, and Standards
10 Criteria for an Enterprise MDM Solution(eSecurity Planet) Companies don't lack choices when it comes to enterprise mobile device management (MDM) solutions. In fact, too many choices can make it tough to focus on criteria that matter. The mobile device management (MDM) space is quickly consolidating, with Citrix's recent acquisition of MDM vendor Zenprise the most recent example. Despite this consolidation, however, the functionality
Cloud Standards: Bottom Up, Not Top Down(InformationWeek) One relatively bright spot is security, thanks to the Cloud Security Alliance. CSA member organizations, including most large cloud providers, work together
Design and Innovation
How to know when the founder should give way to a professional CEO(Quartz) Twenty years ago, the classic startup model was to have young founders start a breakthrough company, then bring in "grey hair" in the form of experienced executives once it was time to scale the business. Key examples included Cisco, Yahoo, eBay, Google, and many smaller companies. In the last decade, however, that common wisdom has shifted, at least for consumer internet companies. The new received wisdom is that the best entrepreneurs can stay CEO through the entire growth cycle of the company. Think of Jeff Bezos, Larry Ellison, or the late Steve Jobs. My partners at Greylock and I have invested in a number of young founding CEOs who match this pattern and are doing a fantastic job leading their companies through hypergrowth, such as Brian Chesky of AirBnB and Drew Houston of Dropbox. The question is, why has this shift occurred
The Optimizer(Slate) How Google's Jeff Dean became the Chuck Norris of the Internet…Jeff Dean facts aren't, well, true. But the fact that someone went to the trouble to make up Chuck Norris-esque exploits about Dean is remarkable. That's because Jeff Dean is a software engineer, and software engineers are not like Chuck Norris. For one thing, they're not lone rangers—software development is an inherently collaborative enterprise. For another, they rarely shoot cowboys with an Uzi
Steve Jobs' Unfortunate Contribution to Product Development(Team Treehouse) We're all very well aware of Steve Jobs' contributions to technology and society. Without Steve, and Apple, we would all be using Motorola Razors or some other "cool" phone (ah, those were the days) or tablets would be just a failed Microsoft project. You know the story, iPods, iTunes, the whole thing. All of it is great – it spawned categories of devices, created competition, and now everyone's benefiting. And it's not just devices – Steve Jobs proved that the integration of hardware and software was possible and helped create an entirely new economy through app stores, which has created millions of new jobs
Research and Development
DARPA Seeking Help With Targeted Attack Analysis(Threatpost) The networks of government agencies and the military are under constant attack from a variety of sources, and the U.S., like most other countries, relies on those networks to not just run daily operations, but to support missions around the world. In the face of those attacks, the Department of Defense's advanced research group, DARPA, is looking for new technologies that can collect and analyze massive amounts of network data and enable security teams to get quick reads on attacks happening across a broad, department-level network
Grammar badness makes cracking harder the long password(Ars Technica) Password crackers get an English lesson. When it comes to long phrases used to defeat recent advances in password cracking, bigger isn't necessarily better, particularly when they adhere to grammatical rules. A team of Ph.D. and grad students at Carnegie Mellon University and the Massachusetts Institute of Technology have developed an algorithm that targets passcodes with a minimum number of 16 characters and built it into the freely available John the Ripper cracking program
Update: Student's Expulsion Exposes Computer Science Culture Gap(Security Ledger) The expulsion of a 20 year-old computer science major at Dawson College in Quebec, Canada has laid bare what one expert says is a culture gap between academic computer science departments and the real world of application development. In the wake of news stories that have drawn attention to the case, Dawson's faculty and administration have stood by their decision, saying that hacking of the type Ahmed Al-Khabaz was engaged in was an example of unprofessional conduct by a computer sciences engineer. This, even as private sector firms including the company whose software Al-Khabaz exposed have come forward with job offers and scholarships
Legislation, Policy, and Regulation
Waiting For REAL ID? Take a Seat, It'll Be a While(IEEE Spectrum) There's an interesting story in next month's National Defense magazine on the long gestation of the REAL ID Act. As you may remember, eight years ago the U.S. Congress passed the REAL ID Act of 2005. It would have forced states to start issuing tamper-proof driver licenses and identify cards by 11 May 2008. The reason for the act, a brainchild of Congressman Jim Sensenbrenner of Wisconsin, was to make it harder for terrorists and other criminals to be able to pass off fake IDs in the commission of their crimes. And a REAL ID card would be required to enter a federal building or board a commercial airline flight
Could Obama 2 Deliver Better Cybersecurity?(AC Democracy) In January 2009, Obama presented his first cyber security strategy plan. That plan, however, mirrored the Bush Administration's blueprint to better protect the nation's federal and commercial cyber security. That plan was followed each successive year with new strategies
Calls for a pan-Asia cyber crime centre(Acumin) Calls are being made for Asia to have a central cyber crime centre resembling that set up in Europe in order to help provide a more unified approach to the problem. Myla Pilao, director of core technology at Trend Micro's TrendLabs, has said that since crime committed online is without borders, such an agency in Asia-Pacific is necessary to share information and many of those in IT security jobs are bound to agree
Leahy: electronic communications privacy a top priority for Senate Judiciary Committee(Fierce Government IT) Updating the Electronic Communications Privacy Act by requiring law enforcement to obtain a warrant before reading people's stored emails and other forms of electronic communication is among the Senate Judiciary's top technology priorities for the new 113th Congress, says committee Chairman Patrick Leahy (D-VT). He spoke Jan. 16 at the Georgetown University Law Center
Litigation, Investigation, and Law Enforcement
Why Facebook Data Tends to Condemn You in Court(Wired Threat Level) U.S. courts have a structural bias against "guilty" verdicts, but when it comes to Facebook data the situation is reversed: Social media activity is more readily used to convict you in a court of law than to defend you. That's because prosecutors generally have an easier time than defense attorneys getting private information out of Facebook and other social networks, as highlighted in an ongoing Portland murder case. In that case, the defense attorney has evidence of a Facebook conversation in which a key witness reportedly tells a friend he was pressured by police into falsely incriminating the defendant
Google Complied With 88 Percent of U.S. User Data Requests(Threatpost) Google received more than 8,000 requests for user data from the U.S. government in the second half of 2012, and nearly all of them were the result of a subpoena or search warrant. The number of those requests that the company complied with by producing some or all of the data in question is still relatively high, at 88 percent, but declined slightly from the first half of last year
Google stands up for Gmail users, requires cops to get a warrant(Ars Technica) As e-mail privacy laws stall in Congress, Google pushes for stronger standard. Under current law, there's a fairly low standard for law enforcement to access your e-mail. The United States remains far ahead of all governments who request user information from Google according to the company's latest Transparency Report (July through December 2012) which was released on Wednesday
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
TED X Baltimore: Baltimore Rewired(Baltimore, Maryland, USA, January 25, 2013) At our TEDxBaltimore event, TEDTalks video and live speakers will combine to spark deep discussion and connection in a small group. The TED Conference provides general guidance for the TEDx program, but...
Data Privacy Day(Various locations, January 28, 2013) The National Cyber Security Alliance (NCSA), a non-profit public-private partnership focused on helping all digital citizens stay safer and more secure online, and official coordinator of Data Privacy...
tmforum Big Data Analytics Summit(Amsterdam, Netherlands, January 29 - 30, 2012) Bringing together leading service providers, market analysts and all of the big names in Big Data, this forward-looking, education-packed two-day Summit combines keynote perspectives, case studies, debates,...
North American ICS & SCADA Summit(Lake Buena Vista, Florida, USA, February 6 - 15, 2013) The Summit brings together the program managers, control systems engineers, IT security professionals and critical infrastructure protection specialists from asset owning and operating organizations along...
ATMiA US Conference 2013(Scottsdale, Arizona, US, February 19 - 21, 2013) A conference devoted to the design of ATMs, and the future of the ATM industry.
#BSidesBOS(Cambridge, Massachusetts, USA, February 23, 2013) Each BSides is a community-driven framework for building events for and by information security community members. The goal is to expand the spectrum of conversation beyond the traditional confines of...
RSA USA 2013(San Francisco, California, USA, February 25 - March 1, 2013) RSA Conference continually evolves program offerings to meet the ever-changing needs of our delegates in the dynamic infosec industry.
Nullcon Goa 2013(Bogmallo Beach Resort, Goa, India, February 26 - March 2, 2013) An international information security conference that will feature speakers and training. Topics include security and politics, vulnerability elimination, Android hacking, SCADA and smart grid penetration...
TechMentor Orlando 2013(Orlando, Florida, USA, March 4 - 8, 2013) Celebrating 15 years of educational events for the IT community, TechMentor is returning to Orlando, Florida, March 4-8, for 5 days of information-packed sessions and workshops. Surrounded by your fellow...
Business Insurance Risk Management Summit(New York City, New York, USA, March 5 - 6, 2013) The annual Risk Management Summit, now in its fourth year, provides attendees with focused insight via specific, timely general sessions and strategic, thought-provoking discussions with peers and industry...
CanSecWest 2013(Vancouver, British Columbia, Canada, March 6 - 8, 2013) CanSecWest, the world's most advanced conference focusing on applied digital security, is about bringing the industry luminaries together in a relaxed environment which promotes collaboration and social...
e-Crime Congress 2013(London, England, March 12 - 13, 2013) The e-Crime Congress is designed to meet the needs of key stakeholders and decision makers who are responsible for designing and coordinating information security and risk management strategy, safeguarding...
CTIN Digital Forensics Conference(Seattle, Washington, USA, March 13 - 15, 2013) Speakers include experts and published authors in the field of digital forensics and cybersecurity. Topics include: Mobile Device Forensics, Internet Forensics, Physical Memory Analysis, Open Source Tools,...
IT Security Entrepreneurs' Forum (ITSEF 2013)(Palo Alto, California, USA, March 19 - 20, 2013) Supported by the U.S. Department of Homeland Security, Office of Science and Technology, ITSEF 2013 aims to connect the ecosystem of the entrepreneur: industry, government, and academia. The conference...
The Future of Cyber Security 2013(London, England, UK, March 21, 2013) Cyber Security and the Citizen 2013 is a one-day conference and exhibition for senior decision-makers of central and local government organisations, NGOs and major private sector enterprises.
CSO40(Braselton, Georgia, USA, April 2 - 3, 2013) The CSO40 Security Confab + Awards will honor and share the critical viewpoints of today's leading CSOs, CISOs and security executives at the nation's leading CSO thought leadership conference.
Cloud Connect Silicon Valley(Santa Clara, California, USA, April 2 - 5, 2013) Cloud Connect returns to Silicon Valley, April 2-5, 2013, for four days of lectures, panels, tutorials and roundtable discussions on a comprehensive selection of cloud topics taught by leading industry...
Cyber 1.3(, January 1, 1970) Maj. Gen. Suzanne Vautrinot, USAF, commander, 24th Air Force, and commander, Air Force Network Operations, will discuss the global strategic implications that relate to the cyber domain at the Space Foundation...
INFILTRATE 2013(Miami, Florida, USA, April 11 - 12, 2013) INFILTRATE is a deep technical conference that focuses entirely on offensive security issues. Researchers focused on the latest technical issues will demonstrate techniques that you cannot find elsewhere.
InfoSec World Conference & Expo 2013(Orlando, Florida, USA, April 15 - 17, 2013) With the primary objective of providing top-notch education to all levels of information security and IT auditing professionals, InfoSec World delivers practical sessions that give you the tools to strengthen...
Infosec Southwest 2013(Austin, Texas, USA, April 19 - 21, 2013) InfoSec Southwest is intended to be a general security and hacking conference with no specific industry or topical focus. As such, nearly all topics (other than vendor pitches) are fair game and the attending...
Consumerization of IT in the Enterprise Conference and Expo(San Francisco, California, USA, June 2 - 4, 2013) From smartphones to mobile apps, social software and 4G networks, the wave of innovation in the consumer space is transforming the way companies do business, both inside and outside of the enterprise.
25th Annual FIRST Conference(Bangkok, Thailand, June 16 - 21, 2013) The annual FIRST conference provides a setting for conference participants to attend a wide range of presentations delivered by leading experts in both the CSIRT field and from the global security community.
SECRYPT 2013(Reykjavik, Iceland, July 29 - 31, 2013) The 10th International Conference on Security and Cryptography (SECRYPT 2013) will take place from 29 to 31 July 2013 in Reykjavik, Iceland…The conference will focus on information systems and network...