
Daily briefing.

Egypt seems on the brink of a coup d'état, and observers speculate that the Army is watching President Morsi via lawful intercept tools including FinFisher and FinSpy.

Elsewhere in the Middle East sophisticated njRAT espionage malware appears to be conducting an intelligence preparation of the battlefield—governments, energy firms, and telecoms are targets in the United Arab Emirates, Oman, and elsewhere. njRAT deploys multiple surveillance vectors—keylogging, camjacking, reverse shells, etc.

Ubisoft alerts gamers to a breach that exposed usernames, email addresses, and encrypted passwords. Anonymous goes after lead-generation firm Relead. Litecoin joins Bitcoin as a target of cyber criminals.

Several dangerous threats and vulnerabilities surface. Darkleech malware is back in Apache web host servers, its mode of access still unclear. Cyber criminals are using Tor-based command-and-control. Vulnerabilities in often-overlooked baseboard management controllers are found to give attackers "almost physical" access to servers. Sophos dissects the Glazunov exploit kit family.

In terms of threat education, travelers should read IT World's account of what you expose when you use an unsecured Wi-Fi hotspot.

Players in the cybercriminal economy continue to boast a solid ROI. Selling fake Twitter followers, for example, is a multimillion-dollar business.

The PRISM affair continues, but the US military announces plans for a $23B cyber budget. The US continues its tu quoque reply to European critics of the NSA, which may be having an effect—the Bolivian presidential plane was denied access to French and Portuguese airspace for fear it was carrying Snowden. The Guardian promises "bombshell" PRISM revelations.

Notes.

Today's issue includes events affecting Australia, Austria, Bolivia, Brazil, China, Ecuador, Egypt, Estonia, France, Germany, India, Iran, Ireland, Israel, Moldova, Norway, Oman, Pakistan, Palestinian Territories, Poland, Portugal, Russia, Spain, Syria, United Arab Emirates, United States, and Venezuela.

The CyberWire (emails, posts, and tweets) will take a holiday this Thursday and Friday as its staff celebrates US Independence Day. We'll resume normal publication (and normal tweeting) on Monday, July 8. Enjoy the Fourth.

Cyber Attacks, Threats, and Vulnerabilities

Egyptian army spying on the Egyptian president (Cyberwarzone) The Egyptian army has a plan ready to push President Mohamed Mursi aside and suspend the constitution if the president fails to strike a power-sharing deal with his opponents within 24 hours

njRAT Espionage Malware Targets Middle Eastern Governments, Telecoms, and Energy (Threatpost) Government agencies, telecom and energy organizations in the Middle East are being targeted by espionage malware known as njRAT. The remote access Trojan is thorough in its data-stealing capabilities. Beyond dropping a keylogger, variants are capable of accessing a computer's camera, stealing credentials stored in browsers, opening reverse shells, stealing files, manipulating processes and viewing the user's desktop

Attack Campaign Targets User Credentials in Persian Gulf (Security Week) Researchers at McAfee recently uncovered a malware campaign that snared victims in both the private and public sector in the United Arab Emirates, Oman and a host of other countries in the Persian Gulf and Caribbean

Quaid-e-Azam University Pakistan Hacked, Login Info leaked by Indian Hacker (Hack Read) An Indian hacker going with the handle of Assassin has hacked into the email system of Pakistan's Quaid-e-Azam University; as a result, login information of 99 users has been leaked on Pastebin. Assassin hacker left the data for public with a message asking Pakistani hackers not to attack Indian sites. The message on Pastebin was expressed in these words

US Air Force Culture & Language Center Hacked, Highly Sensitive Personal Details Leaked by Turkish Ajan (Hack Read) The official website of US Air Force Culture & Language Center has been hacked; as a result, highly sensitive personal details of military officials have been leaked online by Turkish Ajan Hackers. One of the members of Turkish Ajan going with the handle of Maxney contacted me on Twitter, claiming the hack which shows hackers were able to edit and replace some of the site content

Hacker exploits Ubisoft website to gain email addresses and encrypted passwords (Venture Beat) Hacking isn't just a gameplay option in Ubisoft's upcoming open-world title Watch Dogs. A hacker — or possibly multiple hackers — cracked one of Ubisoft's websites to gain access to user data, according to the publisher

Ubisoft customers told "change your passwords now" (Naked Security) Ubisoft, the third-largest gaming company in both Europe and the US, is urging customers to change their passwords following a breach that exposed user names, email addresses and encrypted passwords

Cyberscammers spread malware disguised as World War III news alerts in Syria (GMA News) Bitdefender said the messages claimed 3,000 US Marines have been deployed to northern Syria, and pose the question of whether the Obama administration will start World War III. Users who click on any of the hyperlinked text, including the 'unsubscribe'

Anonymous Targets Anti-Anonymity B2B Firm Relead.com (SecurityWeek) Accusing them of "scumbag business practices", Anonymous claims to have leaked the customer database of Relead.com, a service that helps websites convert anonymous visitors into actual sales leads by examining their IP information

How the US (probably) spied on European allies' encrypted faxes (Ars Technica) Grainy image stokes speculation of old-school, Tempest-style attack. US intelligence services implanted bugging tools into cryptographic facsimile devices to intercept secret communications sent or received by the European Union's Washington, DC outpost, according to the latest leak from former National Security Agency staffer Edward Snowden. Technical details are scarce, but security experts reading between the lines say the program probably relies on an old-school style of espionage that parses electric currents, acoustic vibrations, and other subtle types of energy to reveal the contents of encrypted communications

Lost thumb drive leads to compromised patient data (SC Magazine) A lost thumb drive containing thousands of patient records went missing from a Nebraska doctor's office. How many victims? 2,125 patients of James Fosnaugh, a 30-year doctor of internal medicine who works out of Wedgewood Legacy Medical in Lincoln, Nebraska

Litecoin-stealing Trojan found (Help Net Security) Bitcoin is the most popular, but not the only crypto currency out there. As interest in and use of other ones rises, malware that tries to steal particular types of currencies from users

Rampant Apache website attack hits visitors with highly malicious software (Ars Technica) Darkleech is back. Or maybe it never left. Either way, it's a growing problem

Cybercriminals experiment with Tor-based C&C, ring-3-rootkit empowered, SPDY form grabbing malware bot (Webroot Threat Blog) Keeping in pace with the latest and most widely integrated technologies, with the idea to abuse them in a fraudulent/malicious way, is an everyday reality in today's cybercrime ecosystem that continues to be over-supplied with modified and commoditized malicious software. This is achieved primarily through either leaked source code or a slightly different set of 'common' malware 'features' branded under a different name

Hacker Holes in Server Management System Allow 'Almost-Physical' Access (Wired) Major vulnerabilities in a protocol for remotely monitoring and managing servers would allow attackers to hijack the computers to gain control of them, access or erase data, or lock others out. The vulnerabilities exist in more than 100,000 servers connected to the internet, according to two researchers

New Gaping Security Holes Found Exposing Servers (Dark Reading) Researcher HD Moore so far has discovered around 300,000 servers online at serious risk of hacker takeover. A widely deployed protocol and controller used in servers and workstations both contain serious vulnerabilities that in effect give attackers near-physical access to the machines, a pair of renowned researchers said today

Security Vulnerabilities in Baseboard Management Controllers Rampant, Research Finds (Security Week) Joint research by Rapid7 and an independent security researcher has spotlighted vulnerabilities in embedded technology used to remotely manage servers known as baseboard management controllers [BMCs]

Skype Vulnerability Can Lead to Android Lockscreen Bypass (Threatpost) A vulnerability in Skype's Android application could enable an attacker to bypass the lockscreen on some Android phones, giving them full access to the device if it's in their possession

Android app hacking tool (Cyberwarzone) Security Response Analysts from F-Secure have discovered an Android app on a Chinese language forum that turns a mobile device into a hacking tool that is capable of stealing information from a connected Windows PC

The four seasons of Glazunov: digging further into Sibhost and Flimkit (Naked Security) In the analysis of the Glazunov exploit kit that I posted early last week, I mentioned two other kits that are very similar - Sibhost and Flimkit. In this post, I am going to take a quick look at these and highlight the similarities and differences between the three kits

Atlassian's Crowd SSO Software Remains Vulnerable Despite Patches (Security Week) A technical advisory from Command Five, an Australian security consultancy, has outlined the recently patched flaws in Atlassian's Crowd Single Sign-on (SSO) software package. However, despite fixes, the turnkey identity management offering still appears to be vulnerable to a major flaw that allows attackers to take complete control of any Crowd server

What's It Take To Trust A Digitally Signed Program? (Dark Reading) Last week's Opera attack stokes fears over digitally signed programs from potentially compromised vendors. The breach of Opera Software that came to light last week after attackers compromised Opera's network in order to steal an expired certificate and use it to sign malware for distribution dredges up some serious concerns from security professionals about the amount of trust that organizations put into legitimately signed programs. In particular, the attack brought up fears about auto-updating processes, as this particular strike used Opera's updating infrastructure to automatically push out updates to customers

License To Ill (Dark Reading) Unlicensed software exposes SMBs to lawsuits, viruses, and unwelcome guests. Computer software accelerates the ability of businesses to communicate, collaborate, design, build, and deliver. Expensive as some of these products may be, it's hard to imagine getting business done without them. While SMBs are always looking to cut costs and maintain effectiveness, shortcutting the software licensing process can have dangerous consequences from a lack of software support to potentially company-ending fines and security holes

Researcher: Motorola Gathers Personal Data from Droid Phones (eSecurity Planet) Ben Lincoln says the company collects user names and passwords for Facebook, Twitter, YouTube, Picasa and Photobucket, along with other data

What eavesdroppers see when you use unsecured Wi-Fi hotspots (IT World) You've probably read at least one story with warnings about using unsecure public Wi-Fi hotspots, so you know that eavesdroppers can capture information traveling over those networks. But nothing gets the point across as effectively as seeing the snooping in action. So I parked myself at my local coffee shop the other day to soak up the airwaves and see what I could see

Fake Twitter Accounts Remain Multimillion-Dollar Business (Dark Reading) Barracuda Labs digs into the market for buying Twitter followers. Fifty-five websites in the top 100 Google search results for "buy Twitter followers" were found selling fake accounts -- exemplifying a thriving market that is growing increasingly competitive

Cyber Trends

Critical Infrastructure Organizations Lagging in Security (Security Week) Businesses and government agencies are a popular target for attackers looking to steal information and destroy networks, and they are woefully unprepared to deal with the attacks, FortiGuard Labs researchers wrote in a new report analyzing attacks in 2013

How Cybercriminals Operate (Dark Reading) A look at cybercriminal motives, resources, and processes -- and how they may affect enterprise defense. Sun Tzu's The Art of War says "know your enemy," yet many businesses are unfamiliar with the cyber enemies that are attacking them every day. Mandiant's APT1 report provides fascinating insight into state-sponsored cyber espionage, but what about the world of the cybercriminal

July 2013 Threat Stats (SC Magazine) This month's threat stats continue to indicate that the ZeroAccess trojan is still the malware of choice for U.S. hackers

Next big thing in big data: The data supply chain (FierceBigData) Given that every company, large or small, is swamped with data and bracing for it to grow even bigger, it seems counter-intuitive to think about data supply chains. But think about them we must--because everything hinges on them

Robert J. Samuelson: If only the world could repeal the whole Internet (Deseret News) If I could, I would repeal the Internet. It is the technological marvel of the age, but it is not — as most people imagine — a symbol of progress. Just the opposite. We would be better off without it. I grant its astonishing capabilities: the instant access to vast amounts of information, the pleasures of YouTube and iTunes, the convenience of GPS and much more. But the Internet's benefits are relatively modest compared with past transforming technologies, and it brings with it a terrifying danger: cyberwar. Amid the controversy over leaks from the National Security Agency, this looms as an even bigger downside

Marketplace

Fort Huachuca escapes major force reduction — so far (Benson News Sun) As the NETCOM commander, Lynn also is a deputy commander of the Army Cyber Command. Fort Huachuca is also home to some major Army testing facilities, such as the Electronic Proving Ground, the Defense Department's Joint Interoperability Test

Martin Dempsey: Pentagon Plans $23B for Cyber Programs (ExecutiveGov) The chairman of the Joint Chiefs of Staff said Saturday the Pentagon will invest $23 billion in cybersecurity programs and recruit 4,000 new staff for U.S. Cyber Command, Defense Systems reported Sunday. George Leopold writes Army Gen. Martin Dempsey

Critical Cyber Needs Include People, Partners, General Says (Department of Defense) Cyber partnerships such as those with the National Security Agency and the Defense Intelligence Agency and external partnerships such as those with industry, international allies and academia represent a transformation in the way DOD approaches cyber

IT solutions firms upbeat about cyber security policy (Times of India) Jagdish Mahapatra, managing director for India and SAARC at cyber security solutions company McAfee, told TOI that the policy will provide a roadmap for strengthening cyber security. "It will also secure a computing framework that will inspire consumer

The only thing programmers have to fear is… all of these things (IT World) From being outsourced to getting bored to hurting somebody with a bug, software developers find lots of things to worry about. Software developer is generally considered a pretty good job, and with good reason. The pay and the perks are good (and can be really good), the work is challenging (usually in a good way) and, given the current supply of and demand for programmers, it's a pretty secure career. But all that, of course, doesn't mean that developers don't occasionally wake up in a cold sweat in fear of something bad happening at work

MAD Security Appoints Commander Cliff Neve as Vice President of Security (DigitalJournal.com) Commander Neve brings 20 years of Coast Guard career experience to MAD which includes tours as Chief of Operations for Coast Guard Cyber Command, Deputy Chief Information Officer at the White House Communications Agency, as well as Assistant

Icahn presses forward ahead of Dell shareholder vote (FierceFinance) Is Carl Icahn significantly improving his chances of winning the war for Dell

Lockheed Martin To Set Up A Technology Hub In Israel (Defenseworld.net) Lockheed Martin will collaborate with Israel's Bynet Data Communications to build the Israel military's Intelligence Corps center in the Negev Desert, south of Tel Aviv -- a program known as Project 5/9, which has an estimated cost of $210.6 million

Products, Services, and Solutions

Protect Android devices from theft and malware (Help Net Security) The new Norton Mobile Security with antivirus protects your Android phones and tablets from theft, loss, malware and viruses. Remotely locate your lost or stolen device. Scan your new apps

Inside the Incapsula Cloud Security Platform (eSecurity Planet) Co-founder of cloud security content delivery network explains what makes his platform work. The modern threat landscape makes it very difficult for an enterprise to have all the expertise, skills and bandwidth required to defend against all forms of attack. That's where emerging cloud-based content delivery networks (CDN) that are focused on security could help

Reservoir Labs Expands R-Scope® Cyber Security Monitoring Solutions (Reservoir Labs) Following Reservoir Labs' groundbreaking 100 Gbps R-Scope® DOMINATE-T™ announcement in May, the company today introduced the R-Scope PACE-X™, a new mid-range addition to the R-Scope suite of scalable network security monitoring appliances. The 1U rack-mountable R-Scope PACE-X system extracts and analyzes cyber-security intelligence data from network traffic, incorporating Myricom's FastStack™ Sniffer10G™ technology for sustained performance at 20 Gbps

Bitdefender Antivirus Free Edition (2014) (PC Magazine) Bitdefender Free is clearly meant to be as unobtrusive as possible. There's no configuration required, none at all. The most you can do is turn off realtime protection and turn off the background automatic scan—but why would you do that? The main

Pentaho, Rackspace, Hortonworks partner on Hadoop–as–a–Service (FierceBigData) Pentaho has combined its Hadoop integration and analytics with Rackspace's public and private cloud to create the Rackspace Big Data service

9 Android Apps To Improve Security, Privacy (InformationWeek) Secure your Android smartphones and tablets using antivirus, encrypted communications, child locks, password managers and other tools featured in our roundup

Technologies, Techniques, and Standards

Why Quarterly Vulnerability Scanning Is An Impressively Stupid Idea (Storefront Backtalk) The current PCI DSS quarterly vulnerability scanning requirement is nothing short of ridiculous, given the fact that most operating system vendors and some application software providers release patches at least monthly, pens GuestView PCI Columnist Jeff Hall. (OK, it isn't so ridiculous if your goal is to guarantee a constant security hole for the convenience of cyberthieves. For those of you whose goals are other than that, though…) When Visa published their Customer Information Security Program (CISP) back in 2002, they set the bar of quarterly vulnerability scanning because it was believed to be the most efficient and cost effective approach for providing security. This practice has continued unaltered even when the CISP was converted to the PCI DSS in 2007

Manager Likely Rubberstamped Snowden's Foreign Travel (Nextgov) The supervisor of National Security Agency leaker Edward Snowden likely formally signed off on the network operations employee's personal trip to Hong Kong even though the nation has been linked to cyber espionage and Snowden's high-level security clearances granted him access to American secrets

With a simulated attack, Wall St. gears up to combat virtual threats (Phys.Org) The Securities Industry and Financial Markets Association, a major financial industry group, will coordinate a July 18 simulated cyber attack with about 50 firms in an exercise called Quantum Dawn 2. Exchanges, the U.S. Treasury and the Department of

Getting The Most From Web Application Testing Results (Dark Reading) While most organizations today have implemented some level of Web application vulnerability testing tools, relatively few have managed to reap the kind of benefits they may have initially expected when they first deployed. The messy truth to it all is that the tools are only the first step to improving the internal code base and most organizations haven't found a way to bridge the gap between security and developer teams

Unstructured data still elusive (FierceBigData) Unfortunately, many big data projects are brought short of their full potential because siloed and unstructured data are not fully added into the equation. Quite often this is due to oversight or technological limitations in data retrieval but sometimes it is because the operation is blind to the hidden data's existence

Where numbers lie and gut-feeling still wins (FierceBigData) The mantra continues: big data results trump gut feeling. And that is true--but only to a point. The implication in that mantra is that numbers tell all and truth can be found with nothing more than algorithms

Things CEOs Hate To Pay For and How They Can Help You Make Your Case for Security (Security Week) When Making the Case for a Security Budget, Don't Just Provide Numbers and Statistics. As a CEO, I hate spending money on things that don't help grow my business or improve the products and services we bring to market. While I know there are necessary evils in business that require funding, the thought of spending money on things that are only used in a worst-case scenario are not attractive options to me when it comes to the allocation of limited and important resources. Having spent the majority of my career in the cyber security business, I am well aware that many of my CEO brethren lump security spending into the same bucket as other less desirable expenditures and believe me, I get it

Debate: Because of inherent vulnerabilities, it is time to ditch Java (SC Magazine) Experts in this month's debate discuss Java. Is it time to stop using the popular software

Security of Social Media: Preventing Simple Hacks that Carry a Huge Cost (Security Week) Social Media Accounts are Critical Access Points - Treat Them as Such. When we talk about security, we often mention protecting social media accounts as a secondary measure to be handled after everything else is properly shielded. Social media, after all, seems trivial and inconsequential compared to protecting the infrastructure that houses your data. Furthermore, social media is usually managed by the marketing department, not IT. Before you dismiss the damage that can be caused in something novel like "the social sphere," understand that social media account compromises can result in catastrophe

Emulate to exterminate. (Nota Bene) 100% guaranteed protection doesn't exist. You probably know that perfectly well by now. Indeed, even the most reliable antivirus sometimes gets bypassed in professional attacks. That's bad news enough already. What's even worse news is that inferior antiviruses get bypassed a lot more frequently

Design and Innovation

London has all the ingredients for a successful startup ecosystem (Venture Beat) Just a few years ago, startups seemed like the purview of a niche circle of hipsters, probably living somewhere trendy like Shoreditch or Dalston

Research and Development

Twisted Light Sends Data Through Optical Fiber for First Time (IEEE Spectrum) For the first time beams of "twisted" light have been used to transfer data through optical fibre. A team of researchers from Boston University and University of Southern California succeeded in transmitting 1.6 terabits per second using one kilometer of optical fiber. Last June, a team of researchers transmitted data through the air at 2.56 Tb/s using twisted light, but this is the first time the method has been used to send data through optical fiber

Academia

Cybersecurity training on the rise for young students (USA Today) Corporate cyber security internships now start as young as age 16 at Northrop Grumman Corp., one of the largest cyber security providers to the federal government. The Air Force Association, an independent aerospace education association, has created

Walden University's Information Security Courses Receive NSA/CNSS National Training Standards (Wall Street Journal) The certification is awarded through NSA's Information Assurance Courseware Evaluation (IACE) program, which provides consistency in training and education for the information assurance skills critical to the nation

Crestron Awarded JITC Information Assurance Certification (Audio Visual News Network) Based on results of Information Assurance (IA) assessments of its systems, which were approved by the Chief of Homeland Security and Information Portfolio, the Crestron control technologies earned security rankings that exceeded minimum protocol

Learning from the learners (SC Magazine) Many companies are struggling with how to allow employees to bring their personal devices to work and access the corporate network. A host of issues have to be addressed along the way, starting with who is actually on your network right now, is that person even allowed on your network, what devices are they using, and is it safe or is it infested with malware

Legislation, Policy, and Regulation

Amid spying saga, India unveils cyber security policy (Times of India) The government on Tuesday unveiled the National Cyber Security Policy, aimed at protecting the public and private infrastructure from cyber attacks

Glenn Greenwald: New bombshell coming (Politico) Another big National Security Agency scoop is coming soon, Glenn Greenwald said on Tuesday. "Just wait a little bit, you'll have it," The Guardian journalist who broke the NSA surveillance story said on "Fox & Friends"

Don't Let Leaker's Long, Strange Trip Take NSA Off The Hook (USA Today) Snowden's self-destructive mystery tour does more than tarnish his image. It threatens to short-circuit the useful debate sparked by his original revelations

Everybody spies on everybody: ex-intel officers (Cyberwarzone) Europeans may express outrage over revelations of US spying but they know perfectly well how the espionage "game" is played -- everybody spies on everybody, former intelligence officials say

Espionage? Moi? (Foreign Policy) Sure, Paris is a hypocrite when it comes to spying. But it isn't alone. If you buy the latest reporting out of Europe, France is outraged, simply outraged, at news that the National Security Agency has been eavesdropping on the European Union through its mission in New York and embassy in Washington. French political parties are now rumbling about offering asylum to Edward Snowden, the former NSA contractor at the center of the leaks. The French government is demanding answers from the United States about its snooping. Monsieur Le Président himself, François Hollande, is calling for an end to the spying

The Spy Who Bored Me (Wall Street Journal) News that U.S. intelligence agencies routinely monitor European phone and digital traffic and may even have spied on the institutions of the European Union is causing a political furor in Paris, Brussels, Berlin and other Continental capitals

Listening In On Europe (New York Times) There seems a touch of playacting in the outrage that France, Germany and other European governments have been venting since the online edition of Der Spiegel, the German newsmagazine, reported last weekend that the National Security Agency had bugged diplomatic offices and monitored their internal computer systems. Spying on allies looks bad and is rarely discussed in public except when, as now, spy agency documents are leaked to the press. But governments on both sides of the Atlantic (and almost everywhere else) have spied on allies and enemies alike for a long time

What The Snowden Acolytes Won't Tell You (Wall Street Journal) Perhaps it is possible, as Mr. Snowden and his supporters allege, that a dictatorship could emerge by degrees in one of the oldest and best-established democracies in the world. But if such a thing were to happen in the U.S., it would be an event without historical precedent

Telephone Program Fills A Security Gap (USA Today) In its report, the 9/11 Commission criticized the intelligence community because it was unable to link terrorist organizers overseas with their operatives already positioned in the United States. The telephone metadata collection program that was leaked in early June was established to help fill that gap

For NSA, Hackers Are Needed, Risky (Wall Street Journal) When President Barack Obama last week called intelligence leaker Edward Snowden a "hacker," the comment was designed to be dismissive. But the president also put his finger on a growing fear among national-security officials: that others in the ranks of young, tech-savvy new recruits could prove as unpredictable as they are indispensable

Hints Surface That NSA Building Massive, Pervasive Surveillance Capability (McClatchy Newspapers) Despite U.S. intelligence officials' repeated denials that the National Security Agency is collecting the content of domestic emails and phone calls, evidence is mounting that the agency's vast surveillance network can and may already be preserving billions of those communications in powerful digital databases

Clapper Apologizes For Answer On NSA's Data Collection (NPR) After telling Congress that the National Security Agency does not collect data on millions of Americans, National Intelligence Director James Clapper has issued an apology, telling Senate Intelligence Committee Chairwoman Dianne Feinstein that his statement was "clearly erroneous"

FAQ: the NSA Metadata and PRISM Programs (Threatpost) The details of extensive government surveillance of U.S. citizens through collection of cell phone metadata, and email and Internet activities through the PRISM program have raised a lot of questions and caused quite a bit of confusion about what's actually happening. To help users sort through the mess, Threatpost put together an FAQ about the revelations, the implications and what steps users can take to protect their privacy

FBI's data mining needs scrutiny, too (MiamiHerald.com) We recently learned that the National Security Agency has a database with the records of almost every phone call made in the United States. To address public concerns over its surveillance activities, the agency has begun to explain how it uses the

New defense cyber policies are in the works (Federal Computer Week) Davis highlighted progress over the past two years, including the launch of service cyber components operating under U.S. Cyber Command, joint cyber centers at the combatant commands, military orders for cyber operations, an interim command and control

Good news for the NSA: There are 42% fewer new secrets for future Edward Snowdens to leak (Quartz) One of the reasons former NSA contractor Edward Snowden was able to get away with stealing top-secret documents about government surveillance programs is because Washington's system of classifying national security information is badly broken. So many entire categories of data are classified--from how surveillance programs like PRISM work to the altitude at which US warplanes fly--that an astounding 4.9 million people are required to have "Top Secret" clearances just to do their jobs as government officials or, like Snowden, as private-sector contractors working on defense and intelligence matters. The system of vetting these people for clearances is dysfunctional, and national-security experts like former House intelligence committee chairwoman Jane Harman have said recently that the Snowden case is a good example of that

GOP to Sebelius: ACA data hub raises privacy concerns (FierceHealthIT) In a letter sent to U.S. Department of Health & Human Services Secretary Kathleen Sebelius last Friday, 16 Republican lawmakers raised concerns about the data services hub to be used to connect state health insurance exchanges with federal agencies

HHS finalizes health IT safety plan (FierceHealthIT) The U.S. Department of Health and Human Services has released a final health IT safety plan to eliminate medical errors related to technology and better protect patients

COPPA rule for apps goes into effect (FierceMobileGovernment) A revised version of the Children's Online Privacy Protection Act, which now includes online games and apps, went into effect July 1, a Federal Trade Commission announcement says

Calif. attorney general: Time to crack down on companies that don't encrypt (InfoWorld) State's first data breach report finds that more than 1.4 million residents' data would have been safe had companies used encryption

Litigation, Investigation, and Law Enforcement

Snowden: Obama practicing 'political aggression' (USA Today) The National Security Agency leaker -- in limbo at the Moscow airport, asking nations for asylum -- protested reports that Vice President Biden had spoken with the president of Ecuador about denying Snowden entry to that country. "On Thursday

The Putin Asylum (Wall Street Journal) The glamour seems to be wearing off for Edward Snowden. The self-admitted leaker of America's national-security secrets and hero of the world's anti-American left now finds himself at the mercy of Vladimir Putin, the old KGB man and one of the world's leading authoritarians

Sabotaging His Own Cause (Washington Post) Three weeks ago, Edward Snowden told the Guardian newspaper that "the sense of outrage" over the secret surveillance programs he had disclosed "has given me hope that, no matter what happens to me, the outcome will be positive for America." But now that hope is being undermined by one man: Edward Snowden

Obama and the 'hacker': President recasts chase for Snowden as unworthy of exceptional effort (Washington Post) The last thing President Barack Obama wants to do is turn Edward Snowden into a grand enemy of the state or a Daniel Ellsberg-type hero who speaks truth to power

Bolivian president's plane redirected due to fear Snowden was aboard (Ars Technica) A jet carrying Bolivian President Evo Morales was diverted after leaving Moscow on Tuesday when France and Portugal abruptly revoked permission for the president's plane to travel through the nations' airspace due to rumors that NSA leaker Edward Snowden was on board the plane

Rafael Correa: we helped Snowden by mistake (The Guardian) Ecuador's president reveals the whistleblower was granted a temporary travel card at 4am 'without authorisation or validity'

Snowden's Asylum Requests Draw Cold Responses (Wall Street Journal) Responses to National Security Agency leaker Edward Snowden's globe-spanning plea for asylum began coming in on Tuesday, as some countries offered outright denials while others issued reminders that he would need to make it to their soil to get an

Prosecutors In Manning Court-Martial Rest Their Case (Washington Post) Prosecutors in the court-martial of Pfc. Bradley Manning rested their case Tuesday after hearing testimony from nearly 80 witnesses in their attempt to convict him on nearly two dozen charges, including a violation of the Espionage Act

Obama's Favorite General? Cartwright DOJ Leak Investigation Complicates Story Of Stuxnet Cyber-Attack On Iran (International Business Times) In June of last year, Sanger first reported details of a joint U.S.-Israeli covert operation to unleash a cyber-attack on Iran's nuclear program, ultimately setting it back 18 months. The mission, dubbed Operation Olympic Games, involved a computer

MAPCO Faces Class Action Lawsuit Over Security Breach (eSecurity Planet) Ian Yeager of Northport, Ala., has filed a lawsuit claiming that the company was negligent in allowing sensitive data to be compromised

European Cybercrime Center Targets Airline Ticket Fraud (eSecurity Planet) Forty-three people were detained on June 27 for using stolen credit cards to purchase airline tickets. European law enforcement agencies, supported by Europol's European Cybercrime Center (EC3), held a "day of action" on June 27, 2013 to target criminals who use stolen credit cards to buy airline tickets

Internet troll "weev" appeals 41-month sentence for AT&T/iPad hack (Ars Technica) The EFF and law professor Orin Kerr join forces to reverse a federal conviction. Yesterday, the EFF filed a formal appeal with the Third Circuit US Court of Appeals to overturn the conviction of Andrew "weev" Auernheimer, who is currently serving a 41-month sentence at Allenwood Low Federal Correctional Institute in White Deer, Pennsylvania

You May Not Like Weev, But Your Online Freedom Depends on His Appeal (Wired) "The Internet's best terrible person." A "disappointment." "Reviled/Beloved." Those are just a few of the things people have called convicted AT&T/iPad "hacker" Andrew Auernheimer -- a.k.a. "Weev" -- currently sitting in federal prison serving a 41-month sentence

Here's What It Looks Like When Two Hacker FBI Informants Try To Inform On Each Other (Forbes) The FBI has so many moles in the hacktivist community, it seems, that at times they've even ended up unwittingly doing their best to get each other arrested

How Much Trouble Could You Be In If Online Customers Can Hide Where They Are? (Storefront Backtalk) One of the largest Internet providers in New Zealand is now letting customers pretend they're somewhere else when it comes to buying things online. That's likely to be a thorn in the side of digital content providers such as movie producers and e-book publishers, but it could also set up online retailers for a whole host of complications. What happens when your transaction is subject to the laws of a country you're not expecting

Banks to Retailers: Online Fraud? You're On Your Own (Storefront Backtalk) When a land title company in Missouri checked its bank account, it found it short by $440,000. Seems that someone had logged into its account at BancorpSouth and wire-transferred the funds to some strange entity's bank account in the Republic of Cyprus. Now the escrow and title company had never done a wire transfer like that. It had never done an international wire transfer. It had never wired money to Cyprus, and had never done any business with the strange entity known simply as "Brolaw Services." The transaction was entirely fraudulent

Courts Can't Agree on Whether Cops Can Track Your Cell Without a Warrant (Wired) Prosecutors are shifting their focus to warrantless cell-tower locational tracking of criminal suspects in the wake of the Supreme Court's ruling 18 months ago that law enforcement should acquire probable-cause warrants from judges to affix GPS devices to vehicles to

Wiretaps Stopped by Encryption Hindering Surveillance (Bloomberg) Police wielding wiretaps have for the first time been stymied by encryption, pointing to a technical capability gap as detectives and FBI agents try to penetrate increasingly sophisticated networks and devices

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

QUESTnet 2013 Conference (Gold Coast, Queensland, Australia, July 2 - 5, 2013) Queensland Education, Science and Technology Network (QUESTnet) is the Queensland regional component of the Australian Academic and Research Network (AARNet). The QUESTnet conference is an annual event...

Digital Forensics and Incident Response Summit (Austin, Texas, USA, July 9 - 10, 2013) The 6th annual Forensics and Incident Response Summit will again be held in the live musical capital of the world, Austin, Texas. The Summit will focus on high quality and extremely relevant content as...

London Summer 2013 (London, England, UK, July 9 - 16, 2013) SANS London Summer takes place at the London Marriott Hotel Kensington and gives security professionals the opportunity to take one of four of SANS most popular 6-day courses and the 2-day "Securing The...

GovConnects Business Breakfast: "Secured Space." What It Is - Who Has It - Who Needs It (UMUC, Dorsey Station, Elkridge, July 10, 2013) With today's Cyber threats, all businesses, institutions and the general public are at risk as never before. Learn about the latest technologies, measures and solutions being used today and into tomorrow...

3rd Cybersecurity Framework for Critical Infrastructure Workshop (San Diego, California, USA, July 10 - 12, 2013) NIST is inviting cybersecurity experts, industry and academia from across the nation to attend one of its regional workshops at UC San Diego to identify, refine and guide the many interrelated considerations,...

cybergamut Technical Tuesday: Remote Digital Forensics (Columbia, Maryland, USA, July 16, 2013) 'The remote control changed our lives. The remote control took over the timing of the world. Within three seconds, click, click, click. So can we do remote forensics?' Ken Zatyko of Assured Information...
