skip navigation

More signal. Less noise.

Daily briefing.

Bitdefender finds a version of the MiniDuke espionage malware that began operating in June 2011. (Bitdefender regards this version's use of a US Navy embedded clock as mere misdirection—the company suggests a Chinese origin for the malware.)

Oracle has issued an emergency Java fix, and Apple follows by addressing its own products' vulnerability to Java problems. The exploit FireEye detected last week installed a remote access Trojan—"McRAT"—and Symantec thinks the campaign was linked to the breach of Bit9 (the malware was signed with stolen Bit9 certificates) and waterholing attacks staged through a Hong Kong Amnesty International site.

Trend Micro finds the Blackhole exploit kit updated to attack recently patched Java vulnerabilities. Sophos has discovered iFrame injections redirecting legitimate site visitors to Blackhole.

Norway joins the growing list of governments alleging Chinese cyber espionage, and the reported targets form a familiar list: defense, R&D, and energy.

Prices are falling sharply in the cyber black market: malware-as-a-service is quickly commodifying the bad actors' wares.

Alarmists see the Evernote breach as good reason to avoid the cloud altogether, but InformationWeek sensibly argues the alarmists have this one wrong. Evernote does, however, show the value of two-factor authentication, reduction of attack surface, and, above all, quick incident response.

The US Government grapples with budget sequestration, but curiously hasn't stopped hiring yet.

Online higher education expands in the UK. In the US, those interested in this phenomenon might look at how Stanford University (no one's idea of a down-market institution) approaches it.

Notes.

Today's issue includes events affecting China, European Union, France, Israel, NATO, New Zealand, Norway, Romania, Singapore, Syria, United Arab Emirates, United Kingdom, United States..

Cyber Attacks, Threats, and Vulnerabilities

MiniDuke Espionage Campaign Began About a Year Earlier Than First Thought (ThreatPost) Researchers have found an earlier version of the MiniDuke espionage malware that dates to June 2011 - almost a year ahead of the previously oldest variant designed to spy on NATO, European governments and U.S. research and think tanks. Unlike the cyberspyware discovered last week, this one embedded a U.S. Navy clock, not one running on Chinese time

Java zero-day malware 'was signed with certificates stolen from security vendor' (ZDNet) A new Java zero day shares traits with attacks on Hong Kong Amnesty International, researchers have found. Malware used in a zero-day Java exploit was signed with certificates stolen from a security firm, researchers have found. The editions of Java targeted by the malware, Java 6 Update 41 and Java 7 Update 15 were released 10 days ago. However, researchers at security firms FireEye and CyberESI have already discovered an attack -- known as CVE-2013-1493 -- that successfully exploits the two editions of Java, and have informed Oracle of its existence

Researchers link latest Java zero-day exploit to Bit9 hack (InfoWorld) The attacks discovered last week that exploited a previously unknown Java vulnerability were likely launched by the same attackers that previously targeted security firm Bit9 and its customers, according to researchers from antivirus vendor Symantec. Security researchers from FireEye, who found the new Java attacks last week, said that the Java exploit installs a remote access piece of malware called McRAT. The threat, which Symantec products detect as Trojan

Prompted by Oracle Rejection, Researcher Finds Five New Java Sandbox Vulnerabilities (ThreatPost) Giving a prolific bug hunter an excuse to go poking deeper into a potential security issue generally doesn't end well or the vendor in question--in this case Oracle. Polish security firm Security Explorations, noteworthy for its Java security research, said today it reported five new vulnerabilities in Java SE 7 to Oracle. If combined, researcher Adam Gowdiak said, they can be used to gain a complete bypass of the Java sandbox

Blackhole outfitted with exploit for recently patched Java flaw (Help Net Security) The exploit for the recently patched CVE-2013-0431 Java vulnerability has been added to the Blackhole exploit kit, Trend Micro researchers report. The fact was discovered through the analysis of the

Rogue Apache modules pushing iFrame injections which drive traffic to Blackhole exploit kit (Naked Security) SophosLabs has seen huge volumes of legitimate sites being compromised with malicious redirects in recent weeks. Fraser Howard explains what's going on, and how the compromised web servers are almost exclusively running Apache

Norwegian Authorities Say China Is Behind at Least 20 Serious Cyberattacks (Softpedia) Norwegian National Security Authority deputy Eiliv Ofigsbo has revealed that several high-profile organizations have been targeted in sophisticated cyber espionage campaigns traced back to China. At least 20 sophisticated cyberattaacks appear to have been launched from China. Ofigsbo says organizations from industries such as high-tech, defense, and oil and gas have been targeted, The Nordic Page reports

Lock Screen Bypass Flaw Found in Samsung Androids (ThreatPost) A vulnerability exists in Samsung devices running Android version 4.1.2 that could give unauthenticated users the ability to circumvent the screen lock and view the home screen, run apps, and reach out to contacts without successfully completing Android's pattern lock, PIN, password or Face Unlock mechanisms

Breaking: Bank of America partner hacked by Anonymous (CyberWarZone) The Bank of America hack by Anonymous is spreading like a virus over the web. Anonymous recently told the Twitter atmosphere that the BOFA Torrent files were taken offline but that they simply reuploaded the files. Now the Bank of America has told the world that their data was compromised via an partner of BOFA. The Paranoia site said in their press release that the files were not hacked from an server but were simply downloaded from an unsecured public server in Tel Aviv

Two Twitter Accounts of FRANCE 24 Hacked by Syrian Electronic Army (Softpedia) The Syrian Electronic Army, the hacker group that supports the Syrian regime, has hijacked the Twitter account of FRANCE 24 Arabia, and the one of Les Observateurs. Its worth noting that Les Observateurs is the site of FRANCE 24 which covers the news through an international network of observers who submit information, photos and videos. In the tweets they posted from the compromised accounts, the hackers accused the organization of being a liar media

40 Million Websites Are Currently Vulnerable to Cyber Attack, a Recent Study by Creative Development Finds (Virtual Strategy) Creative Development found in study carried out during March that 80% of all WordPress installations are not running the latest version. Vulnerabilities exist in old versions of the system, and this leaves businesses open to cyber attack

Warning from 'Mark Zurckerberg' leads to account hijacking (Help Net Security) If you get an email sent by "Mark Zurckerberg", saying your Facebook account might be permanently suspended because of violations of the social network's Terms of Service, fight the urge to follow

WikiLeaks Has More US Secrets, Assange Says (Melbourne Age) Julian Assange has confirmed that WikiLeaks still holds classified United States government documents that it is yet to publish. However the transparency website will not release this material during the court martial of its source, US Army private Bradley Manning

Russian ransomware takes advantage of Windows PowerShell (Naked Security) What's a reasonable price to pay to get your data safely returned to you from the guys who stole it? How about 10,000 Rubles? No? According to the cybercriminals behind this new ransomware targeting Russians, the answer is "Da"

Prices fall, services rise in malware-as-a-service market (InfoWorld) Prices are falling and the number of services is increasing as developers in the online underground compete fiercely for criminals looking to purchase botnets and other tools to mount cyber attacks. The trends in the so-called malware-as-a-service market reflect a maturing business in which any non-professional can buy or rent all the tools needed to build the malware, distribute it, and then siphon credit card and banking data and other personal information from compromised PCs. Developers even offer software consoles that provide a full view of a botnet and all its nodes."You don't have to be part of a hacking collective to be an effective hacker and someone who is effective at monetizing his efforts in this alluring way," said Grayson Milbourne, security intelligence director for Webroot

Need an army of killer zombies? Yours for just $25 per 1,000 PCs (The Register) As little as $25 will buy you access to a thousand malware-infected PCs, neatly packaged as a botnet army to control or spy on. That's according to a security researcher studying underground souks of zombie computers. But the prices increase steeply for the more discerning crook who only wants to use compromised machines in America or Europe for nefarious purposes

Evernote Breach: What It Means To Enterprise IT (InformationWeek) Cloud naysayers will insist that this incident shows why we should never use the cloud. Give me a break

Evernote Denies Java Exploit Used In Hack (Security Ledger) The online storage and productivity service Evernote said that it does not believe that the hack of its network that exposed information on 50 million users relied on an exploit of a Java vulnerability, as did recent attacks on Twitter and Facebook. In an e-mail response to questions from The Security Ledger about the hack, Ronda Scott, an Evernote spokeswoman, said that the firm does not believe that the hack used the Java exploit attributed to the other attacks, but said it was still investigating the incident. Its premature for us to comment on the methods used, the specific systems affected and/or origin and motivation, she wrote

Evernote Compromised, But Says No User Data Affected (ThreatPost) Evernote, the online service that enables users to store and sync all kinds of data across multiple devices, has become the latest major Web property to suffer a serious intrusion. The company said on Saturday that attackers had compromised some user information, including email addresses and hashed passwords. Evernote officials said that they did not think the attackers were able to gain access to any of the data that users store on the service

Security Patches, Mitigations, and Software Updates

Oracle releases emergency fix for Java zero-day exploit (PCWorld) Oracle releases emergency fix for Java zero-day exploit. Oracle released emergency patches for Java on Monday to address two critical vulnerabilities, one of which is actively being exploited by hackers in targeted attacks. The vulnerabilities

Following Oracle patch, Apple releases update to fix new Java zero-day (The Next Web) The update brings Java SE 6 to 1.6.0_43 and disables plugins on machines that don't have the latest version of Java. One of the flaws discovered by researchers and revealed last week was classified as a 'zero day' or unknown vulnerability that was

BlackBerry updates BlackBerry 10 OS even before it hits US market (FierceMobileIT) BlackBerry (NASDAQ: BBRY) has fixed some software glitches in its new BlackBerry 10 operating system even before the BlackBerry 10 devices hit the United States. With the update, BlackBerry has improved the performance of third-party apps so that "developers can build apps that run fast and smooth," BlackBerry said in a blog. The firm said that it anticipates the launch of a number of new apps this month, including the WhatsApp Messenger app

Cyber Trends

Browsers Standing Up For User Privacy (ThreatPost) Mozilla chief privacy officer Alex Fowler relayed a vivid anecdote last week during RSA Conference 2013 that illustrates the lengths third parties such as advertisers, data brokers and others who traffic in users' online behavior will go to track you once you land on a website

Security is changing, organizations are unprepared (Help Net Security) F5 Networks announced the findings of its 2013 RSA Security Trends Survey, which revealed that organizations are struggling to keep pace with the changing face of security. Respondents were RSA attendees with IT responsibilities over planning, management, oversight, or implementation of security. The results show that security trends such as virtualization (73%), BYOD (66%) and the complexity of attack types (72%) have the greatest impact on securing today's organizations. Nearly half of respondents admit that traditional safeguards are less than adequate in protecting against threats related to these trends, with roughly one-third of respondents reporting that their security readiness is inadequate

Security Industry Should Be Optimistic: Microsoft Execs (Security Week) Despite the changing threat landscape and all the security challenges we face today, there are many reasons for the security industry to be optimistic, a Microsoft executive said at the RSA Conference. Yes, major organizations are being breached, cyber-criminals are becoming much more organized, and attackers are crafting more elaborate and sophisticated attacks. None of these challenges change the fact that there have been big successes in the security industry in recent years, Scott Charney, corporate vice-president of Trustworthy Computing at Microsoft, said during his keynote speech on Tuesday

Marketplace

GOP Introduces Measure To Keep Government Running (Washington Post) But even though the proposed shifts would make the sequester slightly less indiscriminate - particularly for the military - the measure would leave in place the $85 billion spending reduction, locking in the cuts through Sept. 30, end of the fiscal year

Feds Keep Hiring With Sequesters In Place (Washington Times) The sequester cuts are now officially in place, but many government agencies appear to be hiring freely anyway

NIST set for $38M sequester; NTIA for $11M (FierceGovernmentIT) Two Commerce Department agencies heavily involved in federal information technology efforts will have $49 million deducted from their budgets over the remainder of the fiscal year due to sequestration

Federal IT efforts set for cuts under sequestration (FierceGovernmentIT) The budgets of federal information technology efforts will be affected by sequestration to a point difficult to assess with precision due in large measure to the rarity of IT funding receiving its own budget line

Hagel: Good or bad for contractors? (Washington Technology) I've taken a very informal survey of executives, as well as others close to the government market, to see what having Chuck Hagel as secretary of defense will mean

Demand for Cyber Security Jobs Is Soaring (Wall Street Journal) The demand for cyber security experts is growing at a much faster pace than the overall IT job market

H-1B Workers Not Best Or Brightest, Study Says (InformationWeek) Managers of high-tech companies insist they need more H-1B visas for foreign IT workers to ensure access to the best and brightest workforce. But a study released on Thursday finds that imported IT talent is often less talented than U.S. workers. The study, published by the Economic Policy Institute and conducted by Norman Matloff, professor of computer science at the University of California in Davis, compares U.S. and foreign IT workers' salaries, rates of PhD awards, doctorates earned and employment in research and development to determine whether those admitted to the U.S. under the H-1B visa program have skills beyond those of U.S. IT workers

Ishpi Receives Coast Guard Cyber Contract (SIGNAL Magazine) Ishpi Information Technologies Inc., Mount Pleasant, S.C., has won a $6.7 million dollar multi-year task to provide the United States Coast Guard with subject matter expertise in the areas of information systems security and analysis, certification and accreditation, risk management, and information assurance training support to the Command, Control, Communications, Computers, and Information Technology Service Center

Keith Littlefield Named TASC CTO (GovConWire) Keith Littlefield, former chief information officer at the National Geospatial-Intelligence Agency, has joined TASC as the company's new chief technology officer. The three-decade industry veteran will be responsible for leading the company's technology strategy and its independent research and development and technical fellows programs, the company said Monday. As NGA's CIO, he led planning, managing

Jim Freund Named Intelligent Decisions Strategy, Planning VP (GovConWire) Jim Freund, a 21-year Cisco (NASDAQ: CSCO) veteran and director for collaboration and smart solutions, has joined Intelligent Decisions as vice president of strategy and planning for enterprise sales. Freund will oversee the company's offerings in cloud, collaboration, remote expert, virtualization and bring-your-own-device as the company aims to grow in the enterprise space, IDIndefinite Delivery/ Indirect

Milou Carolan Named Northrop Info Systems HR VP (GovConWire) Milou Carolan, a former human resources consultant to public and private sector clients, has joined Northrop Grumman (NYSE: NOC) as vice president of human resources and administration in the information systems sector. Carolan will lead a team that develops and implements strategies aimed at acquiring, developing and retaining talent for the sector, the company said Friday

IDC: Cisco controls over half of enterprise WLAN market (FierceMobileIT) Cisco (NASDAQ: CSCO) controls more than half of the worldwide enterprise wireless local area network market, with Aruba Networks coming in a distant second at slightly more than 10 percent market share, according to the latest stats from research firm IDC

SAIC Rating Reiterated by RBC Capital (SAI) (Zolmax) SAIC (NYSE: SAI)'s stock had its "underperform" rating reiterated by investment…the intelligence community, the United States Department of Homeland

Logitech goes mobile (FierceMobileIT) As part of a move to mobile products, computer peripherals supplier Logitech is cutting 140 positions, or around 5 percent of the firm's non-direct-labor workforce, the company said on Friday. The move is part of an effort by Logitech's new president and chief executive officer, Bracken Darrell, to reduce expenses and shift the company out of the shrinking PC market and into the growing mobile market

Yahoo CEO Mayer checked VPN logs before banning telecommuting (InfoWorld) Yahoo CEO Marissa Mayer came up with her controversial and hugely unfashionable policy of outlawing home working after doing something almost unheard of for a U.S. CEO -- she checked the VPN logs to see whether anyone was slacking. According to the reporter who broke the news of the ban, Mayer told told a staff meeting last week that the logs told her that some employees weren't using the VPN often enough. The reasoning was simple and non-technical; if employees weren't using the VPN they couldn't be working or contributing to Yahoo as a company

VMware Exits Collaboration Market With Sale of SlideRocket To Clearslide, A Sales Engagement Platform (TechCrunch) VMware is exiting the collaboration market with the sale of SlideRocket to Clearslide, which will use the rich slide creation too to buttress its service that offers sales people presentation capabilities to better engage with customers

YooCare Announces It Has Helped to Resolve More Than 100,000 Cases Of Malware Or Virus Removal (Dark Reading) One of the most common issues that clients have needed help with is learning how to remove the FBI virus. YooCare, a company that provides its customers with complete online computer care services, has just reached an impressive milestone. Since opening just one year ago, YooCare, and its security subsidiary YooSecurity, have now finished over 100,000 cases of virus and malware removal services worldwide. According to information on the YooCare malware/virus information blog, one of the most common issues that clients have needed help with is learning how to remove the FBI virus

Products, Services, and Solutions

NSS Labs Releases Next Generation Firewall Group Test Reports (Dark Reading) NSS Labs today released its 2013 Next Generation Firewall (NGFW) Security Value Map and Comparative Analysis Reports, which evaluated 9 of the leading NGFW products on the market for security effectiveness, performance, enterprise management capabilities and total cost of ownership. This was the second group test for NGFW that NSS has conducted and overall there was marked improvement from most vendors' 2012 test scores

Zscaler Brings Big Security Visibility To The Cloud (Dark Reading) Zscaler, the industry's leading Security Cloud for the everywhere enterprise, today unveiled new analytics technology that gives enterprise security professionals unprecedented real-time visibility into all employee internet activity across web, cloud email, and mobile application platforms at any location and on any device. The new multi-tier data visualization capability relies on the daily real-time processing of more than 10 billion global internet transactions across the Zscaler Security Cloud network, spanning 180 countries. The resulting "Big Analytics" delivers instant, actionable insight into security threats, user productivity, and compliance violations that is simply not available from today's earth-bound appliance-based security solutions

Microsoft Acquires Cloud Performance Management Service MetricsHub, Makes It Available For Free On Azure (TechCrunch) Microsoft just announced that it has acquired MetricsHub, a service that automates cloud performance management and helps its customers manage their cloud services more efficiently. MetricsHub participated in the Microsoft Azure Accelerator, a competitive three-month accelerator program the company hosts in collaboration with TechStars

Wick Hill To Distribute Becrypt Data Security Solutions (IT News Online) Becrypt solutions are ideally suited to protect information in this ... is a leading supplier of innovative Information Assurance solutions and services

Fortinet Threat Services Boost MSP Presence (Channelnomics) Fortinet Inc. is putting feet to its budding managed service ambitions. The Sunnyvale, Calif.-based unified threat management firm launched cloud-based sandboxing and IP reputation services billed as a way to stave off advanced persistent threats. And it's move that gives the channel an elevated entrance into both managed service and advanced threat markets when taking on challengers Check Point Software Technologies Ltd. and WatchGurd Technologies Inc. that are already vying for greater position in this space

Now you can stop annoying SMSes in UAE (Help Net Security) Telecom authorities warn senders of service suspension. Have you had enough of promotional messages and other intruding texts on your mobile phone...if yes, it is time to act and have them stopped immediately. Those who are suffering from such annoying texts can now either block them one by one or all of them at the same time

AVAST 8 features new technologies for proactive detection (Help Net Security) AVAST introduced a new version of its consumer security software line. Version 8 brings a number of new technologies and improvements to deliver proactive detection, vulnerability prevention, and user

Kaspersky PURE 3.0 Total Security released (Help Net Security) Kaspersky Lab released Kaspersky PURE 3.0 Total Security, which offers protection for users to secure their online activities and digital assets across their home network of PCs

SafeNet and IT-Harvest Preview the Breach Level Index at RSA 2013 (TechZone 360) One of the big developments at the jam-packed RSA conference was the security industries focus on "visibility." The context here is that you cannot defend against what you don't know, and that even when you know it you need to understand the "context", e.g., the order of magnitude of the type of risk exposed, in order to decide how best to mitigate it. In addition, there is the issue of speed/awareness in a world where real-time in many ways is the only time, although there was also a lot of attention paid to the use of big data to proactively get ahead of the bad actors by anticipating both the nature of attacks and the best counter-measure to use against them

Bitdefender Antivirus Plus 2013 - Essential Silent Security (SBWire) Bitdefender antivirus plus 2013 is the best antispyware and antivirus defense which also offers id theft protection, protection of privacy on Facebook and Twitter, detects risky websites and it is also windows 8 certified. Bitdefender autopilot feature

Technologies, Techniques, and Standards

Using DevOps To Upgrade Application Security (Dark Reading) The techniques of the DevOps movement designed to bring developers and IT operations into closer alignment for more agility can also be a huge boon for app sec, RSA panelists say

Desktops-As-A-Service Boost Security, But Beware (Dark Reading) While many companies see virtual desktop infrastructure as a way to make the management of their employees' systems easier or offer mobile-device access to sensitive data, many firms have taken an interest in desktops-as-a-service for another reason: Security

Governance Without Metrics Is Just Dogma (Dark Reading) Entertaining RSA Conference panel titled 'Why U No Haz Metrics' discusses the importance of measuring security controls against exposure to loss. Without a solid security metrics program, organizations will struggle to institute risk management in meaningful ways and could be basing their security on false assumptions, an expert panel warned at the RSA conference last week. "You know what you call governance without metrics? Dogma," says Alex Hutton, director of operations risk and governance at Zions National Bank. "You know what you call governance guided by metrics? Risk management"

Schneier on Security (Bruce Schneier) One of the problems with motivating proper security behavior within an organization is that the incentives are all wrong. It doesn't matter how much management tells employees that security is important, employees know when it really isn't -- when getting the job done cheaply and on schedule is much more important

Securing the network beyond passwords (ComputerWorld) Passwords have been a weakness of network security since the development of computer networks. Through guessing weak passwords, exploiting weak passwords, acquiring passwords through social engineering, or more recently using malicious software like Advanced Persistent Threats (APT), attackers have focused on compromising passwords to gain access to the network

Dealing with the Drive-By (SavvyIntel) The drive-by. What a clever methodology. This Hollywood adapted term for "shooting on the go" has been driven into the INFOSEC community lexicon for good reason. In case of spear phishing fail, break high trafficked website, redirect victims, attempt exploit and push a malicious payload

The Data Cleanse (infosec island) Everyone talks about the evils of multitasking, and everyone still does it. I'm becoming convinced, though, that the problem isn't multitasking in and of itself; it's the massive ingestion of data that is putting a strain on our digestive systems. All of this is represented neatly by browser tabs

IPv6 Focus Month: Addresses (Internet Storm Center) I would like to start our focus month with a simple post about what many consider the IPv6 killer feature: Addresses. There are a number of issues that come up with addresses, and you need to understand them when you deploy IPv6. First of all, the IPv6 address is 128 Bits long. But unlike for IPv4, subnetting is a bit more restricted. The first 64 bits specify the network, while the second half of the address identify the host. Other then in a few, very specific cases (e.g. P2P links), you will never see a subnet smaller then a /64

Design and Innovation

Who needs thumbs? Samsung Galaxy S IV may scroll using eye-tracking (Ars Technica) The phone could see you seeing it seeing you

Research and Development

FCC approves Google project that will identify unused wireless spectrum (IT World) A Google project designed to collect information on available wireless spectrum into a central database has been given an FCC go-ahead to begin a public trial, the company announced today

Defeating cyber-attacks with quantum cryptography (Fox News) Using quantum cryptography, Los Alamos National Laboratory has developed a method to detect and defeat an adversary intent on intercepting or attacking power grid communications. New technologies like this system are critical to protecting critical

Academia

U.K. MOOCs Alliance, Futurelearn, Adds British Council To Its Free Higher Education Roster (TechCrunch) The U.K. MOOCs alliance, Futurelearn, which was announced last December and will be offering its first free courses "from mid-2013″ with the aim of creating a globally accessible British higher education brand, has added another member to its consortium of backers. The British Council is the latest to add its name to the Futurelearn alliance

Outfox the Competition. Learn. Adapt. Compete. (Stanford University) Learn how to protect your digital information, prevent attacks, ensure the privacy of your customers, and build secure infrastructures from leading professionals and world-renowned Stanford Faculty through this six-course certificate program

Change From Within (Inside Higher Ed) If higher education has a group of quintessential insiders, it's probably the American Council on Education. Yet from a perch atop the higher education lobby's headquarters here, the membership association of 1,800 college presidents is backing high-profile "disruptions" to the industry it represents

Legislation, Policy, and Regulation

EU, US go separate ways on cybersecurity (EurActiv) Europe and the United States look set to implement different approaches to cybersecurity, with Washington adopting voluntary reporting mechanisms against Brussels' compulsory measures. The difference approaches threaten to create problems for companies across the two major trade blocs

Fight cyber with cyber, or hit 'em where it hurts? (GCN) One topic that was notable by its absence at this week's RSA Conference in San Francisco was the widespread economic and military espionage being conducted by China. It's not that the subject wasnt mentioned, but it was just background and not news. Everyone in the security community accepted long ago that the Chinese are going online to steal intellectual property and other sensitive data

Assessing Whether to Report a Breach (Government Information Security) The new HIPAA Omnibus Rule contains detailed guidance on how to determine whether a breach must be reported, consumer advocate Deven McGraw explains. In an interview, McGraw, who chairs a privacy and security panel that advises federal regulators: outlines how the new guidance is different from the original "harm standard" for breach reporting;Describes the documentation that's now required; explains why she believes the new breach notification guidance is good news for consumers. McGraw is director of the health privacy project at the Center for Democracy & Technology, where she focuses on developing and promoting policies that ensure individual privacy is maintained as personal health information is electronically shared

White House Agrees Unlocking Your Cellphone Should Be Legal (Slate) Those who were outraged when the Library of Congress unilaterally decided in October that Americans could no longer unlock their own cellphones have a new ally: the Obama administration. In a response to a WhiteHouse.gov petition that gathered more than 100,000 signatures, the White House's senior advisor for Internet, innovation and policy today wrote that the administration had convened a panel of experts and arrived at the following conclusion

Smith says he'll fast track McCaul cybersecurity bill out of committee (FierceGovernmentIT) Better coordination of cybersecurity research and development efforts between the public and private sectors is needed to counter growing cyber threats to the United States, according to a Feb. 26 joint congressional hearing of two House Space, Science and Technology subcommittees. That job is better left to Congress and not to the president, says Committee Chairman Lamar Smith (R-Texas)

Litigation, Investigation, and Law Enforcement

Dotcom's costly battle continues (New Zealand Herald) Megalong, megacostly, megaembarrassing. Will the Kim Dotcom extradition case ever end? And how much will we have to pay? The case has dragged on for over a year and we haven't even got to the extradition hearing. If it starts in August as planned that will be twenty months since the megainvasion

Gang arrested for hacking Dubai exchange companies accounts (Gulf News) The Dubai Police have arrested a cyber crime gang who were able to transfer more than Dh7 million from exchange companies in Dubai, a senior official from Dubai Police said. Major General Khamis Matter Al Mazeina, acting chief of Dubai Police, said on Sunday that a gang of Asians and Africans work with hackers in order to enter different websites and systems of different companies here in Dubai in order to transfer money inside and outside the country. Cheques worth more than Dh6 billion have been found with the gang after their arrest, he said

61-Year-Old Hacker Convicted in Texas (eSecurity Planet) The FBI recently announced that Michael Musacchio, 61, of Plano, Texas was found guilty of conspiring to hack into his former employer's computer network. Musacchio was the president of transportation company Exel Transportation Services from 2002 until he left the company in 2004 to form competitior Total Transportation Services along with fellow Exel employees Joseph Roy Brown and John Michael Kelly. Between 2004 and 2006, Musacchio, Brown and Kelly "engaged in a scheme to hack into Exel's computer system for the purpose of conducting corporate espionage," according to the FBI

Sarasota to get results of cyber security report (Herald Tribune) City commissioners will hear the findings from the Sylint group's cyber security report today, and will also discuss changes to the noise ordinance. Forensic Analyst John Jorgensen will present what his company found over the past year as they investigated allegations of computer fraud by city staff. His report focuses primarily on recommendations for policy changes and holes in the city's cyber security, which the company helped fix

Did a secret formula for advanced electronics get Shane Todd killed? (Quartz) The death of Shane Todd is now officially an international affair. Singapore's police have asked the FBI to help them investigate the mysterious death of the 31-year-old American electronics engineer, whose body was found hanging in his Singapore apartment in June. His apparent suicide, as the Financial Times reported two weeks ago (paywall), was immediately questioned by his parents, who noted a number of incongruous details and alleged that foul play was involved. The truth of Todd's death may be wrapped up in US attempts to keep sensitive "dual use" technologies--useful for things like mobile phones but also in military hardware--out of the Chinese hands. Todd was an engineer working for Singapore's Institute of Microelectronics (IME), part of a state agency, as head of a team developing advanced technologies based on gallium nitride, a semiconductor that is able to withstand higher heat and power levels than silicon. IME sent him to New York in January, 2012 for training at Veeco, which makes equipment that is used to develop gallium nitride technology

A Chinese conglomerate's bid to knock down America's foreign-investment barriers (Quartz) The agency that polices the national security risks of foreign companies buying US firms may be about to get its wings clipped. Last week a US judge, while dismissing most of a lawsuit brought by Chinese-owned Ralls Corporation against the Committee on Foreign Investment in the US (CFIUS), surprisingly allowed one count claiming violation of constitutional due process rights to go forward. If Ralls succeeds on that count, it could curb the powers of CFIUS and force it to become more transparent

Apple's $1 Billion Samsung Patent Verdict Cut By Judge (InformationWeek) San Jose Judge Koh cites jury error, cuts decision against Samsung by $450 million and sets new trial date to determine damages

Life Inside the Aaron Swartz Investigation (The Atlantic) Once your life is inside a federal investigation, there is no space outside of it. The only private thing is your thoughts, and even they don't feel safe anymore. Every word you speak or write can be used, manipulated, or played like a card against your future and the future of those you love. There are no neutral parties, no sources of unimpeachable wisdom and trust

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

TechMentor Orlando 2013 (Orland, Florida, USA, March 4 - 8, 2013) Celebrating 15 years of educational events for the IT community, TechMentor is returning to Orlando, Florida, March 4-8, for 5 days of information-packed sessions and workshops. Surrounded by your fellow...

IHS CERAWeek 2013 (Houston, Texas, USA, March 4 - 8, 2013) IHS CERAWeek 2013 will offer new insight on the energy future -- and on the strategic and investment responses by producers, consumers and policy-makers. What are the changes ahead in the competitive...

Business Insurance Risk Management Summit (New York City, New York, USA, March 5 - 6, 2013) The annual Risk Management Summit, now in it its fourth year, provides attendees with focused insight via specific, timely general sessions and strategic, thought-provoking discussions with peers and industry...

CanSecWest 2013 (Vancouver, British Columbia, Canada, March 6 - 8, 2013) CanSecWest, the world's most advanced conference focusing on applied digital security, is about bringing the industry luminaries together in a relaxed environment which promotes collaboration and social...

e-Crime Congress 2013 (London, England, March 12 - 13, 2013) The e-Crime Congress is designed to meet the needs of key stakeholders and decision makers who are responsible for designing and coordinating information security and risk management strategy, safeguarding...

CTIN Digital Forensics Conference (Seattle, Washington, USA, March 13 - 15, 2013) Speakers include experts and published authors in the field of digital forensics and cybersecurity. Topics include; Mobile Device Forensics, Internet Forensics, Physical Memory Analysis, Open Source Tools,...

Google and University of Maryland Cybersecurity Seminar (College Park, Maryland, USA, March 14, 2013) Dr. Ari Juels, Chief Scientist of RSA, The Security Division of EMC, and Director of RSA Laboratories, will discuss "Aggregation and Distribution in Cloud Security." His talk will feature information...

Department of Homeland Security 6th Annual Industry Day (Washington, DC, USA, March 18, 2013) The Department of Homeland Security (DHS) will be hosting its 6th Annual Industry Day to provide advanced acquisition planning information to industry. DHS Industry Day will consist of two sessions, the...

IT Security Entrepreneurs' Forum (ITSEF 2013) (Palo Alto, California, USA, March 19 - 20, 2013) Supported by the U.S. Department of Homeland Security, Office of Science and Technology, ITSEF 2013 aims to connect the ecosystem of the entrepreneur: industry, government, and academia. The conference...

The Future of Cyber Security 2013 (London, England, UK, March 21, 2013) Cyber Security and the Citizen 2013 is a one-day conference and exhibition for senior decision-makers of central and local government organisations, NGOs and major private sector enterprises.

SANS Cyber Threat Intelligence Summit (Washington, DC, USA, March 22, 2013) Conventional network defense tools such as intrusion detection systems and anti-virus focus on the vulnerability component of risk, and traditional incident response methodology presupposes a successful...

AFCEA Belvoir Industry Days 2013 (National Harbor, Maryland, USA, April 2 - 3, 2013) The purpose of this event is to inform the IT community about the recent successes and the forward-thinking opportunities that the Department of Defense and the Department of the Army have developed.

CSO40 (Braselton, Georgia, USA, April 2 - 3, 2013) The CSO40 Security Confab + Awards will honor and share the critical viewpoints of today's leading CSOs, CISOs and security executives at the nation's leading CSO thought leadership conference.

Cloud Connect Silicon Valley (Santa Clara, California, USA, April 2 - 5, 2013) Cloud Connect returns to Silicon Valley, April 2-5, 2013, for four days of lectures, panels, tutorials and roundtable discussions on a comprehensive selection of cloud topics taught by leading industry...

An Evening in Cyberspace: Supporting Tomorrow's Cybersecurity Leaders (National Harbor, Maryland, USA, April 6, 2013) UMUC is pleased to present An Evening in Cyberspace: Supporting Tomorrow's Cybersecurity Leaders. Join us for this special black-tie event to support the next generation of cybersecurity students. The...

Cyber 1.3 (, January 1, 1970) Maj. Gen. Suzanne Vautrinot, USAF, commander, 24th Air Force, and commander, Air Force Network Operations, will discuss the global strategic implications that relate to the cyber domain at the Space Foundation...

HITBSecConf2013 (Amsterdam, the Netherlands, April 8 - 11, 2013) HITB2013AMS will feature cutting edge attack and defense research including the a presentation on the inner workings of the iOS 6.1 Evasi0n jailbreak presented by members of the world famous Evad3rs Team,...

INFILTRATE 2013 (Miami, Florida, USA, April 11 - 12, 2013) INFILTRATE is a deep technical conference that focuses entirely on offensive security issues. Researchers focused on the latest technical issues will demonstrate techniques that you cannot find elsewhere.

Information Tech Expo Series - Hawaii (Oahu, Hawaii, USA, April 12 - 19, 2013) This 6-series showcase will feature stops at 5 DoD locations and 1 Intel Center on the island of Oahu. Celebrating 20 years of these expos is a true testament to the government and military's readiness...

InfoSec World Conference & Expo 2013 (Orlando, Florida, USA, April 15 - 17, 2013) With the primary objective of providing top-notch education to all levels of information security and IT auditing professionals, InfoSec World delivers practical sessions that give you the tools to strengthen...

Infosec Southwest 2013 (Austin, Texas, USA, April 19 - 21, 2013) InfoSec Southwest is intended to be a general security and hacking conference with no specific industry or topical focus. As such, nearly all topics (other than vendor pitches) are fair game and the attending...

23rd Annual Government Procurement Conference (Washington, DC, USA, April 25, 2013) This unique one-day event attracts more than 3,000 participants representing government agencies, prime contractors and small businesses from around the country. Participating companies are able to network...

Interop Las Vegas (Las Vegas, Nevada, USA, May 6 - 10, 2013) Attend Interop Las Vegas, May 6-10, and attend the most thorough training on Apple deployment at the NEW Mac & iOS IT Conference. Join us in Las Vegas for access to 125+ workshops and conference classes,...

FOSE (Washington, DC, May 14 - 16, 2013) FOSE is the premier event for government technology professionals interested in innovative, effective tools and solutions allowing you and your agency or organization to advance your mission. From IT managers...

Maryland/DC Celebration of International Trade (Linthicum, Maryland, USA, May 21, 2013) Join Maryland exporters and international business experts as they celebrate International Trade Week. Hosted by the Maryland/DC District Export Council this event is a content rich celebration of international...

IEEE-Cyber 2013 (Nanjing, China, May 26 - 29, 2013) This conference will cover cyber physical systems, cyber control and automation, cyber robotics, and the Internet of things.

Cyber Security @ CeBIT (Sydney, New South Wales, Australia, May 28 - 30, 2013) The Cyber Security Conference will serve as a platform where all those involved in securing and governing ICT within an organisation can discuss the newest challenges and strategies. The event is a must-attend...

DGI Cyber Security Conference & Expo (Washington, DC, 2013, May 30, 2013) Data security threats continue to increase in number and sophistication. The growing use of collaborative technologies - from mobile devices and social media to virtualization and cloud computing - will...

Consumerization of IT in the Enterprise Conference and Expo (San Francisco, California, USA, June 2 - 4, 2013) From smartphones to mobile apps, social software and 4G networks, the wave of innovation in the consumer space is transforming the way companies do business, both inside and outside of the enterprise.

CyCon 2013: 5th International Conference on Cyber Conflict (Tallinn, Estonia, June 4 - 7, 2013) CyCon 2013 is an annual NATO Cooperative Cyber Defence Centre of Excellence conference that is conducted with the technical cooperation of the IEEE Estonia Section. CyCon 2013 will focus on the technical,...

NSA SIGINT Development Conference 2013 (Fort Meade, Maryland, USA, June 4 - 5, 2013) The National Security Agency is responsible for providing foreign Signals Intelligence (SIGINT) to our nation's policy-makers and military forces. SIGINT plays a vital role in our national security by...

U.S. Census IT Security Conference and Exposition (Suitland, Maryland, USA, June 5, 2013) The Census Bureau's Information Technology Security Office (ITSO) and the Census Bureau's Data Stewardship Office is putting together a series of workshops on 'Information Security' and 'protecting your...

2013 Cybersecurity Innovation Expo (Baltimore, Maryland, USA, June 10 - 13, 2013) Do not miss the opportunity to participate in the 2013 Cyber Innovation Forum with active participation from National Institute of Standards and Technology (NIST), the National Security Agency (NSA), and...

3rd annual Cyber Security Summit (, January 1, 1970) Over the last 2 years, the summit has gathered 150+ senior Defence, National Security and Industry executives to address current and emerging cyber threats to Australia's security. Now in its 3rd year,...

25th Annual FIRST Conference (Bangkok, Thailand, June 16 - 21, 2013) The annual FIRST conference provides a setting for conference participants to attend a wide range of presentations delivered by leading experts in both the CSIRT field and from the global security community.

SECRYPT 2013 (Reykjavik, Iceland, July 29 - 31, 2013) The 10th International Conference on Security and Cryptography (SECRYPT 2013) will take place from 29 to 31 July 2013 in Reykjavik, Iceland…The conference will focus on information systems and network...

International Conference on Cyber Security (New York, New York, USA, August 5 - 8, 2013) The Federal Bureau of Investigation and Fordham University will host the fourth International Conference on Cyber Security (ICCS 2013) on August 5 - 8, 2013 in New York City. ICCS, the White Hat Summit,...

3rd Annual Cyber Security Training Forum (Colorado Springs, Colorado, USA, August 6 - 7, 2013) The Information Systems Security Association (ISSA) - Colorado Springs Chapter and FBC, Inc. will once again host the 3rd Annual Cyber Security Training Forum (CSTF). Formerly known as the Cyber Security...

First International Conference on Cyber-Physical Systems, Networks, and Applications (Taipei, Taiwan, August 19 - 20, 2013) CPSNA 2013 will focus on core challenges of cyber-physical systems. Given a tight integration of computation and the physical world, cyber-physical systems must compose robust systems, networks, and applications...

TechCrunch Disrupt San Francisco (San Francisco, California, September 7 - 11, 2013) For the fourth year in a row, TechCrunch Disrupt will take over the San Francisco Design Center Concourse, and we're bringing the hottest startups and best minds in the industry with us. Block off September...

15th Annual AT&T Cyber Security Conference (New York, New York, USA, September 10, 2013) The AT&T Cyber Security Conference is an annual day-long conference offered by the AT&T Chief Security Office. Combining the expertise of its security experts, the scale and reliability of its global IP...

CyberMaryland 2013 (Baltimore, Maryland, USA, October 8 - 9, 2013) Join cybersecurity leaders, luminaries and rising stars at CyberMaryland 2013. This two-day event at the epicenter of the nation's cybersecurity innovation and education, will create opportunities for...

International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery (Shanghai, China, October 10 - 12, 2013) International Conference on Cyber-enabled distributed computing and knowledge discovery -promotes research and development of the cyber-related technology. It is unique and significant that spans through...

APPSEC USA (New York, New York, USA, November 18 - 21, 2013) Welcome to Appsec USA 2013, New York - a world class software security conference for developers, auditors, risk managers, and entrepreneurs, bringing you the world's top speakers, the most relevant security...

2013 ASE International Conference on Cyber Security (Orlando, Florida, USA, December 10 - 15, 2013) The annual ASE Cyber Security Conference is a leading international forum for cyber security researchers, practitioners, developers, and users to explore cutting-edge ideas and results, and to exchange...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.