Cyber attacks affect both Koreas. Attribution remains unclear, although hacktivists purporting to represent Anonymous claim attacks on the North. Other hacktivists (who say they're protesting censorship) claim attacks on the South, and say they've released personal information on US military members stationed in Korea. The success and sophistication of the attacks seem beyond anything in Anonymous' recent track record.
The Carberp source code's black market value, pegged Monday at $50k, has surely dropped—it's been leaked. Moderate any Schadenfreude at crimeware vendors' lost IP, however: the leak augurs a spike in Carberp-based exploits.
Emboldened by the PRISM affair, China's People's Liberation Army, after a short breather, is back hacking. (Tibetan activists are targeted.) Fresh leaks allege US intrusion into Chinese telecom networks and a comprehensive cyber espionage program.
eSecurity Planet considers how enterprises should trim their data protection policies in the light of stories about US Government electronic surveillance. The risks are as real—consider litigation in the EU and protectionist retaliation in China against big targets of opportunity like Cisco—as the responsibilities.
By general consensus the PRISM affair has provoked not only domestic US controversy, but also a large diplomatic mess: Russia and China exploit American discomfiture; politicians on the EU's left (and not only there) call to protect Edward Snowden. Australia fears PRISM will damage its relations with Asian neighbors. More leaks are promised: Snowden says he's cached encrypted files around the world as "insurance."
The Wikileaks trial may set precedent for online evidence—Tweets, blogs, etc.
Today's issue includes events affecting Australia, Austria, China, Ecuador, European Union, Iceland, Ireland, Israel, People's Democratic Republic of Korea, Republic of Korea, Russia, Taiwan, United States..
North and South Korea websites shut amid hacking alert(The Guardian) The attacks in South Korea did not appear to be as serious as a cyber-attack in March, which shut down tens of thousands of computers and servers at broadcasters and banks. There were no initial reports that banks had been hit or that sensitive
Cyberattacks Disrupt Leading Korean Sites(New York Times) Major government and news media Web sites in South and North Korea were shut down on Tuesday after anonymous hackers claimed to have attacked them on the 63rd anniversary of the start of the 1950-53 Korean War
TROJ_DIDKR.A(Trend Micro Threat Encyclopedia) This malware is related to the security incident that affected certain government and news websites in South Korea. In one of the attacks, cybercriminals compromised the auto-update mechanism of SimDisk.exe in order to serve a modified malicious version of the said installer and to allow the infection chain to play out as intended
Compromised Auto-Update Mechanism Affects South Korean Users(Trend Micro Security Intelligence Blog) On Tuesday, South Korea raised the country's cyber security alarm from level 1 to 3, because of several incidents that affected different government and news websites in South Korea. One of the several attacks related to the June 25 security incident involved the compromise of the auto-update mechanism related to the legitimate installer file SimDisk.exe, which we were able to get a sample of. SimDisk is a file-sharing and storage service
NetTraveler Malspam Campaign Targeting Regional Tibetan Youth Congress(Trend Micro Threat Encyclopedia) The NetTraveler campaign is a series of malware spam attacks used against different companies and governmental institutions. Included in this list are the Tibetan/Uyghur activists. Recently, we received a spam mail which uses this campaign and its target is the Regional Tibetan Youth Congress
Suspected China-based hackers 'Comment Crew' rise again(CSO) After a brief rest, the hackers have regrouped and started fresh campaigns. The suspected China-based hackers known as the "Comment Crew" are back at it again, a development likely to contribute to continued tensions between the U.S. and China over cyberattacks
Adversary Arsenal Exposed Part I: PinkStats the Two–Handed Sword of the Chinese Attackers(Seculert) Much like in the middle ages, where the best knights had a great arsenal of swords, axes and maces to win a battle, today's adversary must have a good arsenal of attacking tools and malware to have a successful APT attack. For instance, the Chinese APT1 group has a great arsenal of malware - many of which are described in Mandiant's detailed report
NSA hacked China's top carriers in hunt for SMS data – report(The Register) Snow joke for NSA as latest revelations point to extensive campaign. PRISM snitch Edward Snowden responded to the US government formally charging him with spying on Friday with fresh revelations that the NSA hacked China's three state-run telcos in a bid to nab SMS data
Rogue 'Free Codec Pack' ads lead to Win32/InstallCore Potentially Unwanted Application (PUA)(Webroot Threat Blog) Following last week's profile of yet another InstallCore Potentially Unwanted Application (PUA) campaign, we detected another rogue ad campaign this week. This time enticing E.U based users into downloading and installing a fake "Free Codec Pack", with the users sacrificing their privacy in the process due to the additional toolbars that will be installed on their PCs
Researchers reveal tricks for Cutwail's endurance(Help Net Security) While some botherders have opted for the arguably much safer P2P architecture in order to assure their botnets' resilience, others are still clinging to the standard distributed C&C option
Carberp Source Code Leaked(Threatpost) The source code for the Carberp Trojan, which typically sells for $40,000 on the underground, has been leaked and is now available to anyone who wants it. The leak has echoes of the release of the Zeus crimeware source code a couple of years ago and has security researchers concerned that it may lead to a similar crop of new Trojans and crimeware kits
Compromised Yahoo! Accounts Used to Spread Android Trojan(SecurityWeek) Over the last several days, weeks really for some, people have noticed an uptick in the amount of spam coming from compromised Yahoo accounts. SecurityWeek staff has witnessed this uptick in spam as well. But this spam run is designed to spread malware to Android devices, so it's likely not as simple as a weak password issue
A New Cyber Concern: Hack Attacks on Medical Devices(Scientific American) The agency also prodded hospitals to step up future reporting of any cyber attacks. In a recent alert the U.S. Department of Homeland Security highlighted one weakness affecting approximately 300 medical devices, including drug infusion pumps
Security Patches, Mitigations, and Software Updates
5 Chrome Plugins That Make Browsing More Secure(Kaspersky Lab Daily) There is an entire market of plugins out there designed to keep you safe while surfing the web on your browser of choice. Each one has lots of options; for Google's Chrome, here are five of the best programs that will help keep your system and your personal information safe and secure
Firefox Delivers 3D Gaming, Video Calls and File Sharing to the Web(The Mozilla Blog) Rich activities like games and video calls were some of the last remaining challenges to prove that the Web is a capable and powerful platform for complex tasks. We conquered these challenges as part of Mozilla's mission to advance the Web as the platform for openness, innovation and opportunity for all
WordPress 3.5.2 Maintenance and Security Release(WordPress) WordPress 3.5.2 is now available. This is the second maintenance release of 3.5, fixing 12 bugs. This is a security release for all previous versions and we strongly encourage you to update your sites immediately. The WordPress security team resolved seven security issues, and this release also contains some additional security hardening
Will PRISM Impact Data Protection Strategies?(eSecurity Planet) As details of the National Security Agency's PRISM program continue to emerge, how concerned should enterprises be about government requests for data? It's 9 o'clock on a Monday morning, and half a dozen law enforcement officers are banging on the door of your data center. They're waving official looking documents and demanding access to your data
Infographic: Malicious Mobile Apps(Webroot Threat Blog) The workplace technology landscape has changed dramatically over the past five years, and the security threats have changes along with it. Here are the growing factors that IT professionals can't afford to ignore, all in a beautiful infographic
Middle East energy sector most at risk of cyber attack(Power Engineering International) And the company has warned that "a cyber attack on crucial energy supplies and transiting routes in this region would impact the entire world". DNV KEMA said that no regional cyber security strategy has yet been implemented in the Middle East, despite
Cyber espionage, Android malware dominate in Q1 2013(Tempo) Kaspersky Lab, a leading secure content and threat management solutions, said that an increased number of alleged state-sponsored cyber-attacks were recorded by the Kaspersky Security Network (KSN). KSN is a distributed system that collects data about
Organizations Fail at Securing Regulated Data on Mobile Devices, Survey(SecurityWeek) In security, what organizations don't know about their data that can hurt them. In a new survey sponsored by mobile security provider WatchDox, the Ponemon Institute found that more than 80 percent of the 798 IT professionals surveyed did not know how much of their organization's data is stored on cloud file sharing services or mobile devices
Web Badness Knows No Bounds(Krebs on Security) If your strategy for remaining safe and secure online is mainly to avoid visiting dodgy Web sites, it's time to consider a new approach. Data released today by Google serves as a welcome reminder that drive-by malware attacks are far more likely to come from hacked, legitimate Web sites than from sites set up by attackers to intentionally host and distribute malicious software
New big data risks(FierceBigData) Gartner says that by 2019--a mere six years from now--"90 percent of organizations will have personal data on its systems they don't own or control." Much of this will stem from importing data from external sources, but in any case that accumulation of personal data presents new security risks to individuals and the companies holding the data alike
What kind of strategic boost does FedRAMP give HP and Lockheed?(Washington Technology) There are more than 140 corporate members within Lockheed's Cloud Security Alliance, and while the companies may vary across the spectrum, they all share a "vested interest in understanding the security requirements associated with cloud computing"
Qualys Coverage Initiated by Analysts at Imperial Capital (QLYS)(Mideast Times) Equities researchers at Imperial Capital assumed coverage on shares of Qualys (NASDAQ: QLYS) in a research report issued on Tuesday, StockRatingsNetwork.com reports. The firm set an "outperform" rating and a $18.00 price target on the stock. Imperial Capital's price target suggests a potential upside of 14.87% from the stock's previous close
ALAPKO has been acquired by Subsystem Technologies(M&T Investment Banking Group) [M&T Investment Banking Group is serving as financial advisor to Subsystem Technologies, Inc., in it acquisition of ALAPKO, Inc. Subsystem and ALAPKO provide cyber security and other services to the US Federal Governemnt.
Dell buyout drama heats up(FierceFinance) Ahead of a July 18 shareholder vote, both sides in the Dell buyout sweepstakes are pressing their cases
Products, Services, and Solutions
How Much is Your Gmail Worth?(Krebs on Security) If you use Gmail and have ever wondered how much your account might be worth to cyber thieves, have a look at Cloudsweeper, a new service launching this week that tries to price the value of your Gmail address based on the number of retail accounts you have tied to it and the current resale value of those accounts in the underground
New Tool Gives Developers A Free Anti SQL Injection Shortcut(Dark Reading) As one of the longest-lingering burrs in the saddles of database security and application security professionals, SQL injection continues to plague the Web application world for a myriad of reasons. But none is so oft lamented as the fact that developers continue to write unparemeterized database queries into their code
AirWatch enhances laptop management solution(Help Net Security) AirWatch announced enhancements to its laptop management solution that provides additional functionality and platform support for organizations that need to manage all of their mobile devices
Eradicate passwords, get two-factor authentication for free(Herald Online) M-Pin™ Strong Authentication System is finally available! Nearly a year after CertiVox introduced the M-Pin™ Protocol, it's now available for any ISP, enterprise or SaaS solution provider to integrate into their environment. With both a free and enterprise tier of the M-Pin Managed Service, accessing M-Pin is in the reach of any size organization
HP unveils Slate 21, all-in-one Android-based desktop(FierceCIO: TechWatch) Hewlett-Packard (NYSE: HPQ) this week took the wraps off a new 21.5-inch all-in-one desktop at an HP event in Beijing. Instead of running on the Windows operating system though, the HP Slate 21 will come with Android 4.2.2 and will be powered by Nvidia's upcoming Tegra 4 quad-core processor
Dell Announces "World's Most Secure" Commercial PCs(Enterprise Networking Planet) Factory-installed Dell Data Protection suite to make Dell commercial PCs the most secure in the world, right out of the box. No network is truly secure unless its endpoints are secure, too. That's what Dell is banking on with the announcement today that its Dell Data Protection (DDP) suite, with new security features, will come baked-in to all Dell commercial PCs. Dell claims the security suite will make its PCs the most secure in the world, right out of the box. Last week, I sat down with representatives of Dell and its malware prevention technology partner, Invincea, to learn how
Procera Networks to Showcase Dynamic LiveView at QUESTnet 2013 Conference(BWW Geeks) Procera Networks, Inc. (NASDAQ: PKT), the global network intelligence company, today announced it will demonstrate its real time Dynamic LiveView capabilities on network traffic running at this year's Queensland Education, Science and Technology Network (QUESTnet) conference, July 2-5 in Gold Coast, Australia
Joyent Launches Manta Service For Cloud Computing, Storage(InformationWeek) Joyent Manta Storage Service keeps big data close to the compute resources needed to analyze it. Starting Tuesday, Joyent is offering a new type of storage combined with compute services. Joyent Manta Storage Service will keep data stored close to the servers that will analyze and work with it
Amazon Wins Best Cloud In CIA Bake-Off(InformationWeek) Despite a higher bid, Amazon gets CIA contract over IBM due to its deeper experience as a cloud services provider, says Amazon CTO Werner Vogel
Will Spark burn Hadoop?(FierceBigData) Hadoop is the current linchpin of big data and is so deeply embedded in the industry that it is hard to imagine that it will ever lose its grip on the market. But there is a flicker on the horizon called Spark that may ignite a disruptive change
BlackBerry Separates Work from Play on iOS and Android(SecurityWeek) Smartphone make BlackBerry today announced the availability of its latest mobile security offering designed to separate work-related apps and data from personal apps and data, on iOS and Android-based devices
NY Times Calls Out Edmodo On Security(InformationWeek) Concerned dad, a Cisco engineer, established fake account to prove that social collaboration site for teachers was not using encryption. Following an embarrassing The New York Times article on the weakness of its Web security, Edmodo is promising to make full SSL encryption standard for all accounts by July 15
Silent Circle Launches Management Console(SecurityWeek) Silent Circle, a startup providing private encrypted communications solutions, this week released Silent Circle Management Console, a secure web-based portal that allows organizations to purchase, assign and manage licenses for employees using the company's peer-to-peer encrypted communications tools on their devices
A New Approach to Advanced Threat Protection(Infosecurity Magazine) Can you prevent and advanced persistent threat from taking hold within your enterprise network? Can you thwart a determined and targeted cyber-attacker - bent on the theft of your most sensitive information - from achieving successful entry? If you ask George Kurtz of security start-up CrowdStrike, then the answer to both of these questions is a resounding "no". But, the firm's CEO and co-founder added, "you can close the gap between identifying these attacks and when you remediate the situation"
CrowdStrike Turns Security Fight Toward Attacker(Dark Reading) CrowdStrike Falcon platform is first to focus on the source of the attack, rather than stopping malware. In medicine, there are two types of treatment: those that treat the symptoms and those that cure the disease. Many doctors - and most pharmaceutical companies - devote the majority of their time toward managing and relieving symptoms, rather than stopping disease at its source
Technologies, Techniques, and Standards
Vulnerability Severity Scores Make For Poor Patching Priority, Researchers Find(Dark Reading) A bug's Common Vulnerability Scoring System (CVSS) score doesn't necessarily correlate with whether the vulnerability is being used in attacks. Relying on the measure of vulnerability severity to prioritize what to patch and which security issues to put off for another day is a waste of effort on software flaws that pose no danger while missing others that are currently being exploited, according to two researchers that plan to reveal their findings at the Black Hat Security Briefings later this year
Be Cyber Resilient:
Know the risks (and rewards) of Shadow IT.(Symantec) Cyber resilience is being able to understand modern attacks, implement the right procedures and response strategy to counteract future cyber threats and recover from incidents faster. Start the process towards cyber resilience by considering how Shadow IT can be turned into an advantage#8230
SSL: Intercepted today, decrypted tomorrow(Netcraft) Millions of websites and billions of people rely on SSL to protect the transmission of sensitive information such as passwords, credit card details, and personal information with the expectation that encryption guarantees privacy. However, recently leaked documents appear to reveal that the NSA, the United States National Security Agency, logs very high volumes of internet traffic and retains captured encrypted communication for later cryptanalysis. The United States is far from the only government wishing to monitor encrypted internet traffic: Saudi Arabia has asked for help decrypting SSL traffic, China has been accused of performing a MITM attack against SSL-only GitHub, and Iran has been reported to be engaged in deep packet inspection and more, to name but a few
Ignoring Compliance Is A Real Option(Dark Reading) Life is full of choices. Lots of choices. We even have choices we don't recognize as available. Business is the same way. For instance, did you know that both compliance and security are optional for your business? They are choices. Every day your business makes choices about how much effort, if any, it will make toward meeting compliance requirements or securing its assets, for both the physical facilities and its information assets
Database Configuration Standards(Dark Reading) "Where do I find database security benchmarks?" That was the question posed to me this week when discussing database security assessment. It's an odd question for database administrators (DBAs) because a "benchmark" is a term we associate with performance. In compliance or security parlance, it means configuration standards, and this customer wanted to know, "Where do I find industry standards for database configuration?" The short answer is, "You don't"
The big data gold rush: Data miners find gold…and fool's gold too(FierceBigData) Big data rapidly became the modern day equivalent of the California Gold Rush. Enterprises and governments took a look at the growing mountains of data and quickly came to the conclusion that "there is gold in them thar hills." But just like in the Gold Rush, sometimes the glitter is just fool's gold and not the real thing
What to Do if Facebook Leaked Your Data?(Kaspersky Lab Daily) The recent incident of personal data being leaked from Facebook's servers is just one more demonstration that even the best cloud services are not flawless. Therefore, every user should have a plan of action in case of a crash
Hardware nerds rejoice! New incubator will turn prototypes into commercial products(VentureBeat) Many hardware startups stumble when they attempt to move from prototype to large-scale manufacturing. To help these companies scale, Highway1 has launched its San Francisco-based incubator program. What's unique about the program is that it can help young companies form partnerships with local supply chain service providers in Asia and Europe
Microsoft bundles all startup initiatives into one super-charged support network(VentureBeat) Microsoft is creating a startup three-ring circus. The company is combining various startup initiatives into one coordinated global effort called Microsoft Ventures. It will include a community evangelism program, an accelerator program, and a seed fund that supports startups around the world as they grow their customer base and products
Korean graphical designer in "font protest" against PRISM surveillance(Naked Security) About a year ago, a Korean graphical designer came out with an "anti-surveillance" typeface called ZXX, as a sort of protest against electronic eavesdropping. But, in the aftermath of PRISM, are there *really* any anti-surveillance properties to ZXX? Paul Ducklin has a look
Remembrance of Everything Past(IEEE Spectrum) More information could enhance cognition and lead to better decision making—or drown us in a deluge of data points
Everyone's passwords suck--and why pretty soon it won't matter(Quartz) Do you suffer from password fatigue? If you're a human and you use the internet, the Agence France-Presse says, you probably do. Symptoms include picking "easy" passwords--those that shirk suggestions for long strings of characters mixing numbers and symbols--and repeating passwords from one website to another, a dangerous game if you're mixing low- and high-security accounts
GoSCiTech: GSSM Camp stimulates interests in science, technology(Hartsville Messenger) The Governor's School for Science and Math residential summer camp is in full swing. Formerly known as the Summer Science Program, GoSciTech has reached a new level this summer with more that 400 students signed up for one or more weeks of the three-week science camp
What's the right age for kids to learn to code?(VentureBeat) Last week, I received an email from three female designers living in Sweden. They told me about their new website and interactive e-book, "My First Website," to help toddlers learn to code
Greens condemn EU's anti-hacker directive(Cyberwarzone) The Greens/EFA group has opposed the new cyber crime directive endorsed by parliament's civil liberties, justice and home affairs committee, calling the new rules "blunt"
Exclusive: Documents Illuminate Ecuador's Spying Practices(BuzzFeed) The country where anti-surveillance hero Edward Snowden wants to take refuge spent half a million dollars on an Israeli-made "GSM interceptor" in a deal brokered by a U.S. middleman. Seeking the capacity to "intercept text messages, falsify and modify the text messages" among other tricks
In NSA Leak, Foes Of U.S. See A Chance To Return Fire(Washington Post) It may be years before the full cost of Edward Snowden's intelligence leaks can be measured. But his disclosures about top-secret surveillance programs have already come at a price for the U.S. government: America's foes have been handed an immensely powerful tool for portraying Washington as a hypocritical proponent of democratic values that it doesn't abide by at home
NSA Head Says Surveillance Fact Sheet Was Flawed(Washington Post) National Security Agency Director Gen. Keith B. Alexander acknowledged Tuesday that a fact sheet on the agency's Web site inaccurately described the extent to which the communications of U.S. citizens are protected from the spy agency's collection of e-mail and other material from technology companies
Snowden leak tips balance in US-China cyber-war(Russia Today) The release of data about US hack attacks on China has deprived the West of the moral high ground in the cyber-war, Hong Kong City University Professor Joseph Cheng told RT. This could give China diplomatic ammo in future negotiations with the US
U.S. Surveillance Is Not Aimed at Terrorists(Bloomberg) The debate over the U.S. government's monitoring of digital communications suggests that Americans are willing to allow it as long as it is genuinely targeted at terrorists. What they fail to realize is that the surveillance systems are best suited for gathering information on law-abiding citizens
Congress passed act in 2011 to detect, prevent 'insider threats'(Washington Times) Mr. Snowden told the South China Morning Post, in an interview published this week, that he sought work with U.S. intelligence contractor Booz Allen Hamilton at the NSA's Hawaii Threat Operations Center to be in a position to steal data that would
HHS rule would give federal exchanges 1 hour to report data breaches(FierceHealthIT) Under a newly proposed rule from the U.S. Department of Health & Human Services, federally-facilitated exchanges created via the Affordable Care Act, as well as entities working with such exchanges, would have one hour to report security incidents upon discovery of a breach
ONC, FDA aligning app guidance with broader health IT policy(FierceMobileHealthcare) The Office of the National Coordinator for Health IT has taken a leadership position in promoting the implementation of health IT across the country. ONC is actively supporting the adoption of health IT and the promotion of nationwide health information exchange to improve America's healthcare system. FierceMobileHealthcare had the opportunity to speak with Jodi Daniel, Director of ONC's Office of Policy and Planning
mHealth Regulatory Coalition urges FDA to release final apps guidance(FierceMobileHealthcare) The mHealth Regulatory Coalition (MRC) on June 21 sent a letter to Department of Health and Human Services (HHS) Secretary Kathleen Sebelius urging HHS, through the U.S. Food and Drug Administration (FDA), to publish the final guidance on mobile medical applications (MMA) "as soon as reasonably possible."
SASC proposes folding DoD CIO into DCMO(FierceGovernmentIT) The Senate committee overseeing the Defense Department says the position of departmental chief information officer should be folded into the duties of the deputy chief management officer and the position of the DCMO elevated in authority to the level of undersecretary of defense
There's a new commander of Army Cyber Command(Defense Systems) U.S. Army Cyber Command is about to get its second command general since the command stood up in October 2010. The new commanding general will be MG Edward Cardon, who was nominated for the rank of lieutenant general and will take over the Fort
Litigation, Investigation, and Law Enforcement
Students cite EU data protection laws, challenge firms over NSA data transfers(Ars Technica) "US gag orders are not valid here," group says. In the wake of the disclosure of the National Security Agency's mass digital surveillance program, a group of Austrian students have filed a series of formal complaints with a number of European data protection agencies. The case could become the first legal proceeding challenging disclosure of non-American data to the American government on the basis of alleged violations of European Union data protection law
The US got Edward Snowden's middle name wrong on extradition documents(Quartz) Edward Snowden, NSA-leaker extraordinaire, is such a familiar face in world news that he's almost a household name. But for all the extensive NSA spying capabilities he revealed, US authorities were still not able to get his name right on extradition documents issued to Hong Kong, according to Rimsky Yuen, the city's justice secretary
Greenwald: Snowden's Files Are Out There if 'Anything Happens' to Him(Daily Beast) As the U.S. government presses Moscow to extradite former National Security Agency contractor Edward Snowden, America's most wanted leaker has a plan B. The former NSA systems administrator has already given encoded files containing an archive of the secrets he lifted from his old employer to several people. If anything happens to Snowden, the files will be unlocked
If The U.S. Nabs Snowden(Chicago Tribune) Edward Snowden is doing his best to avoid falling into the hands of U.S. law enforcement, and he's not pretending he did nothing illegal. He has admitted disclosing classified secrets about surveillance programs conducted by the federal government, and doing that is clearly against the law
China Brushes Aside U.S. Warnings On Snowden(New York Times) China brushed aside on Tuesday the Obama administrations warning that allowing Edward J. Snowden, the former national security contractor, to flee Hong Kong would have negative consequences, and said that the relationship between the United States and China should continue unimpeded
Putin: No Grounds To Extradite Snowden(Washington Post) President Vladimir Putin revealed Tuesday that Edward Snowden was indeed here but would not be handed over, confirming Russia's willingness to confound the United States but offering few clues to the secret-spiller's mysterious journey
'Meet the Press' Pundit With Financial Ties to NSA Misleadingly Slams Snowden(The Nation) On Meet the Press yesterday, shortly after host host David Gregory stunned many by suggesting that The Guardian's Glenn Greenwald should face prosecution, a roundtable of pundits discussed the unfolding Edward Snowden story. Mike Murphy, one of the Meet the Press pundits, mocked Snowden's attempt to seek asylum, calling him a "so-called whistleblower," and charging that "it's never been easier in human history to be a whistleblower" through official means
Why Ecuador?(Slate) As he talks to reporters and manages his WikiLeaks network, Australia-born Julian Assange is holed up in London's Ecuadorian embassy. Just last week, the country confirmed that Assange could continue to live there, avoiding extradition to Sweden. This announcement was made, naturally, by Ecuador's foreign minister. The country isn't exactly squeamish about its work in this area, and WikiLeaks enjoys a good working relationship with it, so it makes sense that Edward Snowden is asking Ecuador for asylum
Trend Micro turns RAT catcher as Taiwan cops cuff hacker(Register) Security vendor Trend Micro has embiggened its industry collaboration credentials this week after helping Taiwanese police arrest one man in connection with a widespread targeted attack, and teaming up with Interpol on a new cyber crime prevention centre
Lulzsec hacker Davis freed, back on the Internet(Help Net Security) Jake Davis (aka Topiary), the former Lulzsec hacker and spokesman, has been released from the Feltham Young Offenders' Institution, where he spent 37 days following his sentencing in May. Having or
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
QUESTnet 2013 Conference(Gold Coast, Queensland, Australia, July 2 - 5, 2013) Queensland Education, Science and Technology Network (QUESTnet) is the Queensland regional component of the Australian Academic and Research Network (AARNet). The QUESTnet conference is an annual event...
NASA National Capital Region Industry Days(Washington, DC, USA, June 25 - 27, 2013) This dedicated Information Technology Expo - sponsored by the Office of the Chief Information Officer - will serve as a focal point for NASA personnel to learn about the latest products and advances in...
AFCEA International Cyber Symposium 2013(Baltimore, Maryland, USA, June 25 - 27, 2013) Cyber threats and challenges grow every day. Successfully defending our networks requires a team approach. With this in mind, the Cyber symposium will engage the key players, including the U. S. Government,...
ShakaCon(Honolulu, Hawaii, USA, June 25 - 28, 2013) This is the fifth year this "laid back security conference in paradise" is being held. Some solid presentations and training on malware analysis and penetration testing. After all, what could be better...
American Technology Awards Technology and Government Dinner(Washington, DC, USA, June 30, 2013) TechAmerica Foundation hosts its Eleventh Annual Technology and Government Dinner at the Ronald Reagan Building in Washington DC. The dinner continues to serve as the premier Washington, DC technology...
Digital Forensics and Incident Response Summit(Austin, Texas, USA, July 9 - 10, 2013) The 6th annual Forensics and Incident Response Summit will again be held in the live musical capital of the world, Austin, Texas. The Summit will focus on high quality and extremely relevant content as...
London Summer 2013(London, England, UK, July 9 - 16, 2013) SANS London Summer takes place at the London Marriott Hotel Kensington and gives security professionals the opportunity to take one of four of SANS most popular 6-day courses and the 2-day "Securing The...
3rd Cybersecurity Framework for Critical Infrastructure Workshop(San Diego, California, USA, July 10 - 12, 2013) NIST is inviting cybersecurity experts, industry and academia from across the nation to attend one of its regional workshops at UC San Diego to identify, refine and guide the many interrelated considerations,...
cybergamut Technical Tuesday: Remote Digital Forensics(Columbia, Maryland, USA, July 16, 2013) 'The remote control changed our lives. The remote control took over the timing of the world. Within three seconds, click, click, click. So can we do remote forensics?' Ken Zatyko of Assured Information...
Mobility Solutions for the Federal Market(Falls Church, Virginia, USA, July 16, 2013) With the improvements in mobile technology, smart phones and tablets, DOD, DHS and Civilian agencies have an opportunity to improve their service delivery models and the programs that serve their constituents.
2013 World Comp(Las Vegas, Nevada, USA, July 22 - 23, 2013) 2200 leading researchers, academics, and executives from government, academia and industry will come together at this annual event which facilitates communication among researchers in different fields...
Black Hat 2013(Las Vegas, Nevada, USA, July 27 - August 1, 2013) Black Hat USA is a major international security conference, featuring learning, networking, and skill-building. Sessions include training, briefings, technical presentations, and more.
SECRYPT 2013(Reykjavik, Iceland, July 29 - 31, 2013) The 10th International Conference on Security and Cryptography (SECRYPT 2013) will take place from 29 to 31 July 2013 in Reykjavik, Iceland…The conference will focus on information systems and network...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.