Daily briefing.

China opens a campaign against Mongolian agencies and organizations. Designed to satisfy curiosity about what a joint US-Mongolian military exercise ("Khaan Quest 2014") augurs for US relations with Mongolia, the campaign seeks (as the Register puts it) "to see who [China's] friends are". It's noteworthy that intelligence about the campaign was developed by crowd-sourced, collaborative ThreatConnect.

Cyber vandals hit and deface a web-hosting service in Argentina. Google's Malaysia site is the latest victim of a DNS attack. Metasploit pages were defaced via a spoofed fax order to its registrar.

Two IE vulnerabilities (both patched by Microsoft) are being actively and successfully exploited in the wild. Security analysts offer dissections of both.

Forbes publishes a rundown of the Bash tactic, how it succeeds, and what it means for Linux security.

Low-grade cyber criminals continue their petty monetization of botnets. The crooks responsible for the recent Adobe hack offer another opsec lesson: they were themselves careless enough to expose stolen source code on an unprotected server.

It's worth noting that cyber threats can function much the way traditional disinformation operations do. See last night's bogus press release that Samsung had acquired Fingerprint Cards, and the effect it had on the markets.

US budget issues bite BAE employees. Trend Micro buys Taiwan's Broadweb. Analysts have more to say about Cisco's security market play.

In the US Congress, Rep. Sensenbrenner introduces a bill to curb NSA surveillance. NSA defenders complain about tepid Administration support.

CIA says it flagged Snowden as a risk in 2009.

Notes.

Today's issue includes events affecting Australia, Canada, China, European Union, Ireland, Japan, Republic of Korea, Latvia, Luxembourg, Malaysia, Mongolia, Russia, Taiwan, United Kingdom, United Nations, United States.

Dateline Baltimore: CyberMaryland

'Spaf' On Security (Dark Reading) Internet security pioneer Eugene Spafford talks about why security has struggled even after its first big wake-up call 25 years ago, the Morris worm

Teens hone hacking skills in contests (Plattsburgh Press Republican) Computer-savvy teenagers are testing their skills in cyber-contests designed to teach them how to protect the government and private companies from hackers…At Baltimore's Loyola Blakefield prep school, a team of students meets twice a week after classes to practice for the Maryland Cyber Challenge, which is being held this week at the Baltimore Convention Center. At the event, they'll have to debug viruses from their computer and defeat mock attacks by cybercriminals played by IT professionals

Lockheed Martin and Tech Council of Maryland Host Cyber Security Awareness Day for Local High Schools (MarketWatch) For the fourth consecutive year, Lockheed Martin, in partnership with the Tech Council of Maryland (TCM) and the National Cyber Security Alliance (NCSA), will bring together more than 200 top performing Science, Technology, Engineering and Mathematics (STEM) high school students to raise cyber security awareness and to promote education and careers in the field

Cyber Attacks, Threats, and Vulnerabilities

Khaan Quest: Chinese Cyber Espionage Targeting Mongolia (ThreatConnect) The ThreatConnect Intelligence Research Team (TCIRT) has identified a weaponized Microsoft Word document that contains a Concept Development Conference (CDC) announcement for the joint US and Mongolia military exercise called Khaan Quest 2014. Retrospective TCIRT research identified additional decoy documents, written in Mongolian, themed around events like the Mongolian presidential election, held in June 2013. This activity represents Chinese Computer Network Exploitation (CNE) activity against Mongolian entities and others that have economic, military, or diplomatic relations with Mongolia. Mongolia's attempt to steer a more independent path by reaching out to what it calls "third neighbors," such as the United States, Japan, South Korea, and the European Union, is possibly prompting China to conduct CNE. This would help China maintain awareness of changes in Mongolian relations with the US and other Western influences and protect their national interests in Mongolia

Spies launch hack attacks on Mongolia…to see who its friends are — report (Register) Like checking up on your kid's Faceboo…well, not really…Cyber-spies are targeting Mongolian businesses and government agencies to keep the attackers "aware" of the land-locked country's relationships with "Western influences" like the US and the European Union, according to a recent report

China Conducts Cyber Espionage Campaign Against Mongolia (Softpedia) Security researchers from ThreatConnect's Intelligence Research Team (TCIRT) say they've identified a cyber espionage campaign launched by China against Mongolia. More precisely, it appears that China is trying to learn as much as it can about Mongolia's relations with the European Union and countries such as the United States, South Korea and Japan. The campaign targets not only entities from Mongolia, but also ones that have economic, diplomatic or military relations with the country

Argentina web hosting server hacked by x0x0 hacker (Hackers Post) Argentina web hosting server has been hacked and defaced by a hacker with the handle x0x0. For now, websites are restored and working properly. A total of 850+ websites were hosted on the server and all websites have been hacked. There is no specific reason mentioned by the hacker on the defaced page

Google's Malaysia site latest to be felled in DNS attacks (CIO) Google is the latest victim of an ongoing spate of attacks on DNS records. Google's website for Malaysia was briefly tampered with on Friday, underscoring continuing weaknesses in entities administering crucial website address database records

Phony Order Faxed to Registrar Leads to Metasploit Defacement (Threatpost) Metasploit creator HD Moore confirms that a spoofed fax order sent to its registrar led to the defacement of the Metasploit and Rapid7 homepages

Further Information on That Second IE 0–Day (InfoSecurity Magazine) Microsoft's monthly patch sequence this week held a surprise - a surprise second Internet Explorer zero-day vulnerability in addition to the widely expected fix for CVE-2013-3893. More information is now slowly emerging on the new vulnerability, CVE-2013-3897. Websense is a member of the Microsoft Active Protections Program (MAPP) which provides early warning on vulnerabilities so that security firms can apply protection as early as possible. This data enabled Websense to detect and track an instance of CVE-2013-3897 being exploited in the wild, and from that determine both the source of the attacks and the geographic location of the targets

The Technical Aspects of Exploiting IE Zero-Day CVE-2013-3897 (Trustwave SpiderLabs) Just two days ago we announced the discovery of in-the-wild attacks that used the zero-day which is now known as CVE-2013-3897. At that time we also promised to provide a more detailed analysis of the exploit. Now we have the opportunity to provide a full and detailed analysis of the vulnerability (CVE-2013-3897) itself that has been used by the attacker, and examine the patterns used by the attacker compared to the previous zero-day attack (CVE-2013-3893)

Anatomy of an exploit — inside the CVE–2013–3893 Internet Explorer zero–day — Part 1 (Naked Security) As you are probably aware, Microsoft's October 2013 Patch Tuesday includes an update for Internet Explorer that closes no fewer than ten RCEs, or Remote Code Execution holes. This sort of vulnerability means that merely looking at a booby-trapped web page could infect you with malware, even if you don't click on anything on the page. Unfortunately, an exploit that takes advantage of one of those ten holes, CVE-2013-3893, is known to be in the wild

Patched IE zero–day and older flaw exploited in ongoing targeted attacks (Help Net Security) With this month's Patch Tuesday, Microsoft has delivered the patch for the infamous Internet Explorer zero-day (CVE-2013-3893) that has been spotted being used in attacks that date back as far as three or four months ago and have been tied to the Chinese hacking group that hit Bit9 earlier this year

Unpatched flaws still favourite attack vector: IBM X–Force (IT World Canada) Zero day exploits and custom malware pack deadly punches and frequently grab the headlines, but many cyber criminals are focusing on less sophisticated methods to bypass security, according to a recent report from IBM's X-Force security research team

CSAM Some more unusual scans (Internet Storm Center) Most of us who regularly look at firewall and other logs get to know the usual targets, 22, 5900, 5060, etc. Most of the time these are fairly obvious and self-explanatory. However, on occasion you do see some that are a bit more unusual. For example, this morning a scan was detected along these lines

How They Popped The Penguin: The Bash Tactic And What It Means For Linux Data Security (Forbes) Data security is something that most people don't want to think about. In our age of persistent connectivity, most data users, whether they are on a desktop, laptop or cell phone, connect to their data without thinking of the security risks of transmitting their data by connecting to a public network or an unsecured network of any kind. And most users think of data security in terms of malicious hacks on Windows and maybe a Mac once in a while. No one would ever think of screwing with Tux, he's so cute and all, and everyone loves good old open-sourced Linux, right? Well, no, yes and yes, but

Bogus Facebook page uncovered spreading Infostealer malware (V3) Security researchers have spotted a bogus Facebook page duping victims into downloading data-stealing malware. Symantec researchers Avdhoot Patil and Daniel Regalado Arias reported uncovering the scam in a public blog post, warning the criminals are using the site to mount a two-pronged attack against their victims

Stanford researchers discover 'alarming' method for phone tracking, fingerprinting through sensor flaws (SFGate) One afternoon late last month, security researcher Hristo Bojinov placed his Galaxy Nexus phone face up on the table in a cramped Palo Alto conference room. Then he flipped it over and waited another beat. And that was it. In a matter of seconds, the device had given up its "fingerprints"

Novice cybercriminals offer commercial access to five mini botnets (Webroot Threat Blog) With the increased public availability of leaked/cracked DIY malware/botnet generating tools, cybercriminals continue practically generating new botnets on the fly, in order to monetize the process by offering access to these very same botnets at a later stage in the botnet generation process. In addition to monetizing the actual process of setting up and hosting the botnet's C&C (command and control) servers, novice cybercriminals continue selling direct access to their newly generated botnets, empowering other novice cybercriminals with the foundations for further disseminating and later on monetizing other pieces of malicious software, part of their own arsenal of fraudulent/malicious tools

Adobe cyber attack a wake–up call — security firm (News24) The hacker attack on Adobe Systems may increase the vulnerability of all computers running the company's software, a security firm has said. Hackers hit Adobe a week ago and made off with source code along with credit card numbers relating to three million of its customers

Adobe's source code was parked on hackers' unprotected server (TechWorld) The files were encrypted but still sitting on an open Web server, security expert says. Hackers capitalize on other people's mistakes. But they make their own as well. Case in point: A massive breach of Adobe Systems' network was discovered after the source code of numerous products, including the Web application development platform ColdFusion, sat parked on a hacker's unprotected Web server open to the Internet

Twitter Still Being Used By Shady Hackers (TrendLabs Security Intelligence Blog) Recently, Twitter made public financial statements related to its upcoming initial public offering (IPO). Part of these statements included how many active users it has: Twitter said it has 218 million monthly active users, three-quarters of which have accessed the site from a mobile device. It's not a surprise that some of these users are malicious. What is uncommon is that some of these malicious accounts do try to "engage" with other accounts — even those of security vendors like Trend Micro. Too bad for these users — we are one step ahead of them, as we have previously blocked the dubious sites they offer

'Bulletproof' Hoster Santrex Calls It Quits (Krebs on Security) Santrex, a Web hosting provider that has courted cybercrime forums and created a haven for a nest of malicious Web sites, announced last week that it is shutting its doors for good, citing "internal network issues and recent downtime." Couldn't have happened to a nicer company

Vigilance saves Avast anti–virus from having its website pwned (Graham Cluley) It has been revealed that WhatsApp, AVG and Avira weren't the only companies to be targeted by a pro-Palestinian hacking gang this week

Bogus AmEx "Unusual activity detected" email leads to phishing (Help Net Security) An extremely thorough phishing campaign is currently targeting American Express customers by trying to make them believe that access to their account will be restricted within 48 hours if they don't update their account information

Nordstrom Finds Cash Register Skimmers (Krebs on Security) Scam artists who deploy credit and debit card skimmers most often target ATMs, yet thieves can also use inexpensive, store-bought skimming devices to compromise modern-day cash registers. Just this past weekend, for instance, department store chain Nordstrom said it found a half-dozen of these skimmers affixed to registers at a store in Florida

Open Enrollment Is Phishing Season (GovInfoSecurity) Open enrollment has begun for Obamacare as well as for health insurance plans offered by many employers. And that means it's prime time for fraudsters to target consumers with phishing scams, disguised as official-looking open enrollment messages, in an attempt to steal personal information

Tech Support Scams: Coming to a Mac near you (Malwarebytes) You may be familiar with cold calls where someone pretending to be from Microsoft is telling you that your computer is infected and needs to be repaired ASAP. In most cases, if you said you were running a Mac instead of Windows, the scammers would hang up and move on to the next victim

Samsung and Fingerprint hoax underlines power of internet rumours (Financial Times) The rapid spreading of false information via new online channels was brought sharply into focus on Friday after a fake press release was distributed claiming Korea's Samsung Electronics had paid $650m to buy Sweden's Fingerprint Cards. Shares in Fingerprint rose as much as 51 per cent on the news, before both companies denied the story. Fingerprint shares have been suspended, and Cision, a Swedish distributor of press releases, is investigating why it published the "incorrect" statement. It has also issued an apology

The 'autonomous,' hackable car (CSO) Driverless cars are coming, with almost magical convenience

Cyber Trends

Security Ratings Proliferate As Firms Seek Better Intel (Dark Reading) Scoring services seek to measure the security of almost every step of the business supply chain, from suppliers and transactions to applications and services

Comment: Beware the Nascent Cyber Insurance Market (InfoSecurity Magazine) As security incidents grow in number and severity, organizations are not only relying on their own defenses to guard against losses, but are increasingly looking to insure themselves against those losses. However, all should be aware that the cyber insurance market is still in relative infancy, as Colin Tankard outlines. Security breaches are mainstream occurrences, and every organization should assume that they are a victim. According to recent research published in conjunction with Infosecurity Europe in April, 93% of large organizations state that they experienced at least one breach in the previous year. They also reported that the number of breaches is growing rapidly as organizations experienced, on average, 50% more breaches than in the previous year

The Security Odyssey (CSO) How do we know if we're doing information security well? How far along the journey to information security nirvana are we and what does that place even look like? George Arronis, the Head of ICT Risk and Security for Serco Asia Pacific has some views on positive and negative trends he's seeing. "Three key things that the industry has done well is that there is a growing security awareness, we've adopted security frameworks to guide our security thinking, and we've tackled major threat themes over the last while. Although attacks are still happening the industry has developed multi-layered countermeasures to those threats" he said

4 Ways the Security Community is Changing for the Better (Duo Bulletin) For the casual observer of information security, it may look like everyone is after the next one-off vulnerability and not trying to effect actual change upon larger problems. While there are certainly exceptions to this which should be celebrated (such as OWASP), these have been typically few and far between. Meet-up groups (ISSA, city-sec, etc.) are great, too, but don't often impact much in the grander sense of information security. Just over the past few months, though, there have been some interesting initiatives that are taking off and improving information security in remarkable ways beyond the daily break-fix security lifestyle

Amid NSA Outrage, Big Tech Companies Plan to Track You Even More Aggressively (Wired) Thanks to former NSA man Edward Snowden, we now know a fair amount about the NSA's ability to collect data about what people do online, and it's all rather disturbing. But the future looks even more worrisome. Some of the biggest companies in tech are assembling new forms of online tracking that would follow users more aggressively than the open technologies used today. Just this week, word arrived that Microsoft is developing such a system, following, apparently, in the footsteps of Google

Quarter of mobile users fell victim to cybercrime last year (Telegraph) While nearly half of all smartphone users care enough about their mobile devices to sleep with them, 48 percent do not take even basic security precautions such as using passwords, having security software or backing up files from their mobile devices, according to a new report

Consumers Looking for Convenience In Mobile Security Measures (Bank Systems & Technology) Consumers are not taking basic steps for securing their mobile devices, but show an interest in more convenient security methods like biometrics, a new PayPal study found

Internet freedom declining, says Freedom House (FierceGovernmentIT) A Freedom House assessment of Internet freedoms in 60 countries finds the number of "free" countries vastly outnumbered by countries in which freedom restrictions range from partial to nearly absolute

Gartner Reveals Top Predictions for IT Organizations and Users for 2014 and Beyond (FierceITSecurity) Gartner, Inc. has revealed its top predictions for IT organizations and IT users for 2014 and beyond. Gartner's top predictions for 2014 combine several disruptive topics — Digital Industrial Revolution, Digital Business, Smart Machines and the Internet of Things — that are set to have an impact well beyond just the IT function

Rand Secure Archive Releases North American Survey Results on Data Governance (FierceITSecurity) Rand Worldwide (OTCBB: RWWI), a global leader in providing technology solutions to organizations with engineering design and information technology requirements, today announced the results from its Rand Secure Archive (RandSA) division's 2013 Rand Secure Archive Data Governance Survey

Mobile users give thumbs up to biometric security (FierceITSecurity) More than half of mobile users are comfortable using biometrics as a security measure to prevent unauthorized access to their mobile devices, according to a survey of 1,000 U.S. adults by Zogby Poll on behalf of PayPal and the National Cyber Security Alliance

Farzad Mostashari: Let me be blunt (FierceHealthIT) No longer constrained by the talking points that are part and parcel of life in public office, Farzad Mostashari, M.D., took the stage at the annual CHIME CIO forum in Scottsdale, Ariz., on Wednesday and spoke frankly about barriers to care transformation, limits of healthcare technology and other worries he has about the healthcare system

Big data use misaligned, mangled between healthcare providers, payers (FierceBigData) Immediate savings in healthcare costs from big data use are at risk given only 47 percent of healthcare providers are investing significantly in analytics. Further, 40 percent of providers said they had no plans at all to use big data and analytics tools. By comparison, 80 percent of payers are investing in analytics--although 14 percent of them won't use big data either. Providers, then, are likely to fail to deliver optimum savings and payers are likely to run into difficulties in getting actionable results from their big data findings since providers are apparently unwilling or unable to play ball

Marketplace

US shutdown hits BAE as 1200 staff have pay frozen (London Evening Standard) Defence contractor BAE Systems became the first major British victim of the US government shutdown today as it stopped paying 1200 staff in the US and warned of the damage of a "protracted" closure

BlackBerry co–founders considering bid for business (Reuters) BlackBerry co-founders Mike Lazaridis and Douglas Fregin are considering a bid to buy the struggling smartphone maker, according to a securities filing on Thursday, raising the prospect of an alternative to a $4.7 billion (£2.93 billion) offer led by its top shareholder

Google Offer OSS Patch Bounty to Fixers (InfoSecurity Magazine) More and more software companies — including Google — have started to offer bug bounties to independent security researchers who find and responsibly disclose software flaws. Now Google will offer a bounty to OSS developers who also fix them

Swedish fingerprint sensor firm retracts claim it has been purchased by Samsung (update) (The Verge) Update: Fingerprint Cards has denied that the acquisition is taking place, blaming it on a fake press release. After posting news of the purchase on its own site, Fingerprint Cards has now issued a full retraction

Trend Micro Buys Broadweb (Softpedia) IT security giant Trend Micro has acquired Broadweb, a network security solutions provider based in Taiwan. Trend Micro wants to enhance the capabilities of its Custom Defense Solution with Broadweb's deep packet inspection and real-time malicious packets blocking technologies

Cisco Touts Security Boost From Sourcefire Deal (TechWeek Europe) Cisco closes the acquisition of Sourcefire, which will enhance its firewall and intrusion-detection capabilities

Procera Networks Joins the Global Network Initiative (ITBusiness) Supports GNI's Efforts to Protect Internet Users' Freedom of Expression and Privacy

Lookout Closes $55M In Strategic Financing (Dark Reading) Capital from Deutsche Telekom, Qualcomm, Greylock Ventures, and Mithril Capital Management will be used to continue international expansion

Lockheed Martin Opens New Cyber Security Intelligence Center (Scientific Computing) Lockheed Martin has opened its fourth Security Intelligence Centre (SIC) in Australia's national capital, Canberra, continuing the company's international extension of its cyber defense network. The Centre was opened October 3, 2013, by Sondra Barbour, executive vice president of Lockheed Martin's Information Systems and Global Solution

HealthCare.gov debacle a symptom of poor federal health IT processes (FierceHealthIT) Software developers have concluded the requirement that users sign up at HealthCare.gov before looking at information on health insurance "choked" the website, which already was hobbled by limited server capacity, the Washington Post reported

Persistent Obamacare troubles raise questions about proper online tests (MarketWatch) Troubles in signing up for online Obamacare applicants have persisted well into their second week, and the main HealthCare.gov site remains unable to get many seeking coverage into first gear

Products, Services, and Solutions

Facebook Privacy Feature Gone for Good (Threatpost) Late last year the world's largest social network announced that it would begin removing a popular privacy feature that let users regulate whether other users could search for and locate their profiles with the Facebook search function

Behold (And Maybe Fear) The New Self-Updating Online Address Book (Forbes) When entrepreneur Bart Lorang met his future wife in 2010, he fell in love with her address book, too. "She had pruned and preened it every week, and it had updated titles and photos and e-mails and phone numbers for pretty much everyone she knows," he says. "I wanted that address book. I wanted a perfect address book that just worked." So he created a startup called FullContact

Tamper–resistant jailbreak detection from Arxan (Help Net Security) Arxan announced new tamper-proof jailbreak detection security and environmental sensing technology. In addition to Arxan's pre-existing Guards, which are running on over 200 million devices, these new capabilities deliver enterprise-grade app and mobile environment security to prevent revenue loss, fraud and brand compromise

Apple's iWatch Will Let You Control Your Home, Says Analyst (Softpedia) A research note from Cantor Fitzgerald analyst Brian White suggests Apple has much bigger plans with the iWatch than originally projected. According to White's sources, it will be a multi-purpose tool that can even control home appliances

GFI Software launches cloud-based web protection service (Help Net Security) GFI Software announced the addition of its Web Protection service to GFI Cloud, which enables SMB IT managers to reduce exposure from Web-based security risks and productivity loss by managing Internet

Microsoft to Roll Out Government-Focused Cloud For U.S. Agencies (GovConWire) As part of a larger company release of cloud computing-based products, programs and partnerships, Microsoft announced this week it will roll out a public cloud environment for data, applications and infrastructure designed exclusively for use by U.S. federal, state and local government agencies

Technologies, Techniques, and Standards

Is the Breach Quadrilateral the Key to Understanding Security? (eSecurity Planet) The security business is full of different terms and methodologies for describing the threat model. In a presentation at the SecTor conference this week, Chris Pogue, director of Digital Forensics

Security essentials: What is two-factor authentication? (Naked Security) This October is National Cyber Security Awareness Month (NCSAM). So I thought I would write my inaugural Naked Security article on a topic near and dear to my heart: two-factor authentication

Passwords May Never Die for Legal Reasons (Enterprise Efficiency) "Passwords are dead," a Google information security manager decreed at last month's TechCrunch Disrupt. Other pundits have come to the same conclusion. However, these reports are greatly exaggerated

Waking Shark in second attack on UK banks (SC Magazine) The attack has been ordered by The Treasury and Bank of England to stress-test the security and resilience of the UK's banking and online payments system, which transfers trillions of pounds a day. The exercise will take place on an unspecified date in mid-November and is likely to involve the major high-street banks, Tier 2 and online banks like the Co-op, Virgin Money and Tesco Bank, the stock market and the big credit and debit card providers, Visa, MasterCard and American Express

Air Gaps (Schneier on Security) Since I started working with Snowden's documents, I have been using a number of tools to try to stay secure from the NSA. The advice I shared included using Tor, preferring certain cryptography over others, and using public-domain encryption wherever possible. I also recommended using an air gap, which physically isolates a computer or local network of computers from the Internet. (The name comes from the literal gap of air between the computer and the Internet; the word predates wireless networks.) But this is more complicated than it sounds, and requires explanation

Breaches happen, so be prepared (CSO) Rik Ferguson, the Vice President Security Research for Trend Micro, has a sobering warning. Your security will be breached. You can't stop it, you have to be ready. "You build your infrastructure on the assumption that a breach is going to happen. Your goal is to find out immediately and respond accordingly." In the past, security was all about creating barriers around your critical resources so that no one could get to them. While that remains a central plank of any security strategy, a more modern operational environment also focuses on mitigating the effects of a breach

Do what's right — an interview with Dr Hugh Thompson (CSO) With a background as a teacher at Columbia University and a sought after security expert, Dr Hugh Thompson of Blue Coat systems gained notoriety in 2006 when he hacked the electronic voting system in Florida for a PBS TV special. He has founded security companies and written several books on information security that have become required reading at many software companies

Goodbye, tracking cookies? Don't celebrate just yet (InfoWorld) Microsoft and Google are both rumored to be working on replacement ad-tracking technologies, but maybe cookies are the lesser of two evils

3 essential techniques to protect your online privacy (InfoWorld) Two–factor authentication, encrypted remote storage, virtual private networks: These are your weapons in the fight for Internet security

10 successful big data sandbox strategies (FierceBigData) Testing in a safe sandbox environment is just as crucial for big data and queries as it is for any other technology if IT is to keep oopsies from becoming enterprise-wide owies. However, sandbox testing of big data is very different from testing other technologies. Fortunately there are many strategies to perfect the effort and ten in particular will get you safely started

Design and Innovation

Cambridge High Tech Cluster Backed By New £50M 'Long–Term Finance' Fund (TechCrunch) There's a bit more money sloshing around the U.K.'s high tech Cambridge cluster, thanks to a new fund that's just been set up. The Cambridge Innovation Capital (CIC) fund has launched with an initial £50 million to invest, and a remit to help tech startups focus on developing their ideas and technology -- rather than having to divert energy in the short term to worrying about raising funding

Research and Development

Applied Communication Sciences Receives Department of Energy Grant for Groundbreaking Cyber Security Energy Infrastructure Research (Digital Journal) The US Department of Energy (DOE) has awarded Applied Communication Sciences (ACS) a grant to accelerate the development of advanced security monitoring capabilities in ACS's SecureSmart(TM) Monitoring Solution to help protect the nation's new Smart Meter infrastructure against cyber attack. The grant is part of $30 million in recently announced DOE awards to research, develop and demonstrate new tools and technologies to bolster the defense of the nation's energy delivery systems

Academia

New cybersecurity training program launched (Hometown Focus) Addressing the rising need for IT and cybersecurity professionals in Minnesota and across the country, Inver Hills Community College launched the Minnesota Cyber Aces State Championships, an online cybersecurity education and training program. Minnesota is one of six states hosting Cyber Aces, with over 6,500 people having participated in the program nationwide

NYU-Poly Cyber Security Judges Tap Top Student Teams in Hardware Hacking and Protection (Sacramento Bee) Eleven international collegiate teams have been chosen to compete in the final round of contests that will challenge their knowledge in one of the newest and most difficult fields within cyber security: testing and protecting electronic hardware. The teams will progress to the finals of the largest student event of its kind: Polytechnic Institute of New York University's (NYU-Poly) Cyber Security Awareness Week (CSAW), to be held on the school's Brooklyn campus November 14-16, 2013

Sypris Expands Purdue University Research Center (Wall Street Journal) Sypris Electronics LLC, a subsidiary of Sypris Solutions, Inc. (Nasdaq: SYPR), announced the grand opening today of its newly expanded Sypris Research Center. Sypris Electronics will be hosting a ribbon-cutting ceremony on Thursday, October 10, 2013 at its location in the Purdue Research Park in West Lafayette, Indiana

Legislation, Policy, and Regulation

Patriot Act author introduces bill to block NSA's use of the Patriot Act (Daily Dot) Now that it's 2013, can you imagine how embarrassing it must feel to have authored the Patriot Act a dozen years earlier? Especially considering that we live in an age where Americans are increasingly outraged that the National Security Agency tracks their phone calls--an act made legal through a secret court interpretation of that very law. The Patriot Act's author, Congressman Jim Sensenbrenner (R-Wis.), is going to try and fix it. He's introducing the USA FREEDOM Act, a bill specifically aimed at countering the portions of the Patriot Act that were interpreted to let the NSA collect telephone metadata in bulk

NSA Veterans: The White House Is Hanging Us Out to Dry (Foreign Policy) 'There has been no support for the agency from the President, and this has not gone unnoticed.' Gen. Keith Alexander and his senior leadership team at the National Security Agency are angry and dispirited by what they see as the White House's failure to defend the spy agency against criticism of its surveillance programs, according to four people familiar with the NSA chiefs' thinking. The top brass of the country's biggest spy agency feels they've been left twisting in the wind, abandoned by the White House and left largely to defend themselves in public and in Congress against allegations of unconstitutional spying on Americans

Intelligence in the Digital Age — The NSA PRISM Program (Defense Media Network) With all the discussion about the NSA's digital surveillance activities, the "Big Brother" analogy is becoming as trite as it is inaccurate. NSA systems analyst Edward Snowden's illegally disclosed information made the public keenly aware that the NSA gathers troves of metadata and digital content about foreign nationals and occasionally, U.S. citizens. This kind of surveillance has led many to liken the NSA's activities to the dictatorial menace in George Orwell's 1984. Yet this is a faulty comparison

How Snowden Might Help Cybersecurity (Lawfare) A few weeks ago the NYT had a piece by David Sanger about how the Snowden revelations will hurt if not kill the NSA's ambitious plans for cybersecurity defense in the U.S. homeland. "Administration officials say the plan, championed by Gen. Keith B. Alexander, the director of the National Security Agency and head of the Pentagon's Cyber Command, has virtually no chance of moving forward given the backlash against the N.S.A. over the recent disclosures about its surveillance programs."

Watchdogs call for surveillance authority changes (FierceGovernmentIT) Watchdog groups and information technology experts submitted comments to the Obama administration's National Security Agency surveillance review group as the deadline to do so closed Oct. 4

NSA tactics no better than a CYBERCRIME GANG, says infosec'er (Register) The NSA operates like a state-sponsored cybercrime gang using much the same tools and techniques as miscreants slinging banking trojans, one cynic has suggested. Anyone following the Snowden revelations knows by now that the NSA uses exploits and malware to spy on the online activities of targets, but ponytailed infosec expert Bruce Schneier has put together the clearest explanation to date on its methodology for running such attacks

Electronic Frontier Foundation bails from Global Network Initiative (Register) The Electronic Frontier Foundation (EFF) has resigned from the Global Network Initiative (GNI), citing the presence of GNI members who co-operated with the NSA as making its ongoing involvement untenable

Obama's Efforts to Control Media Are 'Most Aggressive' Since Nixon, Report Says (Wired) The President Barack Obama administration has "chilled the flow of information on issues of great public interest," according to a Thursday report that amounts to an indictment of the president's campaign pledge of a more open government

Litigation, Investigation, and Law Enforcement

Lavabit Files Opening Brief in Landmark Privacy Case (Wired) Secure email provider Lavabit just filed the opening brief in its appeal of a court order demanding it turn over the private SSL keys that protected all web traffic to the site

U.S. shutdown forces delay in U.N. scrutiny of rights record (Chicago Tribune) The U.S. government shutdown has forced the postponement of U.N. scrutiny of its rights record, including over accusations of suspected abuses by the National Security Agency, immigration reform and access to abortion, activists said on Thursday

Legitimate users of Tor need not worry, says NCA (ComputerWeekly) The newly launched National Crime Agency (NCA) says criminals cannot hide on the hidden internet, but legitimate business users of anonymity software Tor are safe. The NCA has vowed to pursue criminal users of the hidden internet, known as the deep web or dark web, following the arrest of four UK men in connection with the Silk Road illegal online drugs market

The CIA Suspected Snowden Was Trying To Break Into Classified Computer Files In 2009 (Business Insider) In 2009 the CIA sent Edward Snowden home from Geneva amid suspicions that he was trying to break into classified computer files, Eric Schmitt of The New York Times reports. A supervisor wrote a derogatory report about Snowden in which he noted distinct changes in the CIA technician's behavior and work habits

First Picture Of Snowden In Russia Emerges (Sky News) Edward Snowden gets an award for "integrity in intelligence", in the first image of him to emerge since he left Moscow airport

NSA leaker Edward Snowden deserves a Nobel Prize, his father says (CNN) The father of NSA leaker Edward Snowden told reporters in Moscow that he thinks his son deserves a Nobel Peace Prize. He arrived there Thursday for his first visit with his son since the former government IT contractor fled the United States after leaking National Security Agency spy program details to the media

Canadian operator EasyDNS stands firm against London cops (Register) What's a UK crime unit doing messing around with DNS? Comment: EasyDNS was just the first of a number of global DNS operators who will be invited by a London IP crime unit to make one of their customers' domains, er, disappear. But the Canadian operator is standing firm

Skype under investigation in Luxembourg over link to NSA (Guardian) Ten years ago, the calling service had a reputation as a tool for evading surveillance but now it is under scrutiny for covertly passing data to government agencies

LulzSec Hackers Evade Irish Jail Time (Dark Reading) In Ireland's first-ever successful computer crime prosecution, two hackers with ties to LulzSec and Anonymous get probation and fines — but so far no extradition to face charges in the U.S. Two men charged by authorities in Ireland with hacking the website of one of the country's biggest political parties have been spared jail time and will have their criminal records cleared

Latvian Accused of Creating Gozi Virus Released from Jail (Softpedia) On Thursday, the Latvian Prosecutor's Office announced that Deniss Calovskis, the man accused of being involved in the development of the Gozi virus, was released from jail. Calovskis was charged in the United States back in January 2013, along with two other individuals allegedly responsible for the creation and distribution of the malware

Nearly 50k patient credit cards compromised by insider (SC Magazine) As many as 46,000 patients of Arizona-based Scottsdale Dermatology may have had personal information compromised, but two suspects — one of them an employee of the medical practice's billing firm — have been arrested

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

Forensics and Incident Response Summit EU (Prague, Czech Republic, October 6 - 13, 2013) The Summit will focus on high quality and extremely relevant content as well as panel discussions in Digital Forensics and Incident Response. In addition, we encourage you to take every opportunity to...

International Conference on Cyber–Enabled Distributed Computing and Knowledge Discovery (Shanghai, China, October 10 - 12, 2013) The International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery promotes research and development of cyber-related technology. It is unique and significant that spans through...

VizSec 2013 (Atlanta, Georgia, USA, October 14, 2013) VizSec brings together researchers and practitioners in information visualization and security to address the specific needs of the cyber security community through new and insightful visualization techniques.

Hack-in-the-Box Security Conference 2013 (Kuala Lumpur, Malaysia, October 14 - 17, 2013) The 11th annual HITB Security Conference (16th/17th October) will be a triple track offering featuring keynotes by Andy Ellis, Chief Security Officer at Akamai and Joe Sullivan, Chief Security Officer...

USDA Cyber Security Symposium and Expo 2013 (Washington, DC, USA, October 15, 2013) The Cybersecurity Expo, running in conjunction with the Summit, will allow exhibitors the opportunity to provide live demos and share information with government personnel and industry partners. Summit...

SNW Fall 2013 (Long Beach, California, USA, October 15 - 17, 2013) SNW is the world's largest independently produced conference series focused on the evolution of architecture for a new world of mobility, Big Data and business agility. Produced by Computerworld -- and...

Hexis Exchange (Athens, Greece, October 16 - 17, 2013) Attendees will have the opportunity to participate in a knowledge exchange of the latest enterprise security topics through expert led business and technology forums, hands-on sessions, and training. Such...

Cybersecurity Symposium: "Protect. Defend. Educate." (Linthicum, Maryland, USA, October 16 - 17, 2013) The Cybersecurity Symposium being held October 16-17, 2013, will deliver first-class training for government and industry security professionals while simultaneously offering high-level keynote speakers,...

NSU Healthcare Cyber Security Summit (Fort Lauderdale, Florida, USA, October 17, 2013) In today's modern healthcare systems, data is everywhere, including sensitive patient data that needs to be secured and monitored. Join top healthcare security professionals from Nova Southeastern University,...

Nuclear Regulatory Commission Cyber Security Conference & Expo (Rockville, Maryland, USA, October 17, 2013) This one-day conference will consist of cyber sessions in the NRC Auditorium given by government and industry speakers. Exhibit tables will be set-up just outside the Auditorium and companies will have...

Securing the Internet of Things Summit (San Francisco, California, USA, October 21, 2013) The Internet of Things is still in its infancy and the security community has a chance to build in new approaches to security if we get started now. More secure embedded operating systems and applications,...

13th Industrial Control Systems Cyber Security Conference (Atlanta, Georgia, USA, October 21 - 22, 2013) Industrial Control Systems (ICS) operate the infrastructures of electric power, water, chemicals, manufacturing, transportation, defense, etc. and link the digital and physical worlds. Their cyber security...

Cloud Connect (Chicago, Illinois, USA, October 21 - 23, 2013) Cloud Connect returns to Chicago October 21-23, 2013 with an all new program built around the leading cloud platforms. Cloud Connect provides the independent guidance IT professionals need to successfully...

cybergamut Technical Tuesday: Cyber Security Strategy — Why We're Losing and What's Needed to Win (Columbia, Maryland, USA, October 22, 2013) Steve Chabinsky of CrowdStrike explains the situation. Everybody seems to be spending more on cybersecurity, but with questionable return on investment. In fact, the problem clearly is getting...

Cyber Security Seminar and IT Expo at Peterson AFB (Colorado Springs, Colorado, USA, October 22, 2013) The Cyber Security Seminar and IT Expo is a one-day event held on-site where industry vendors will have the opportunity to display their products to personnel attending briefings concerning the latest...

Hack.lu 2013 (Luxembourg, October 22 - 24, 2013) Hack.lu is an open convention/conference where people can discuss computer security, privacy, information technology and its cultural/technical implications for society.

Joint Federal Cyber Summit 2013 (Washington, DC, USA, October 23 - 24, 2013) This collaborative government wide event is truly one of a kind, with speakers and attendees anticipated to represent more than 10 federal government agencies. Information sharing will be accomplished...

NSU's 12 Simple Cybersecurity Rules For Your Small Business (Fort Lauderdale, Florida, USA, October 24, 2013) In this presentation twelve simple and inexpensive techniques for protecting small businesses from cyber threats will be discussed. While complex and expensive solutions exist to improve the security...

BREAKPOINT 2013 (Melbourne, Australia, October 24 - 25, 2013) Over two days, 14 world-renowned speakers front Breakpoint to share their knowledge on a full range of security issues, from unpublished research to the latest trends in information security.

Ruxcon (Melbourne, Australia, October 26 - 27, 2013) Ruxcon is a computer security conference that aims to bring together the best and the brightest security talent within the Aus-Pacific region. The conference is a mixture of live presentations, activities...

2013 ACT–IAC Executive Leadership Conference (Williamsburg, Virginia, USA, October 27 - 29, 2013) Advances in technology and massive increases in data available can both challenge and transform Government mission performance. ELC-2013 focuses on how to make this transformation a reality, in and for...

FIRST Energy Symposium (Leesburg, Virginia, USA, October 28 - 29, 2013) Recent reports have shown that the Energy Sector has seen a large increase in the reported number of cyber attacks. The need to protect against threats and improve upon incident management has never been...

SAP NS2: National Security Solutions Summit (Falls Church, Virginia, USA, October 29, 2013) Join us for a day of learning and networking focused on how to advance U.S. national security and homeland security through I.T. innovation. Top-notch speakers will address the new challenges facing U.S.

RSA Conference Europe (Amsterdam, the Netherlands, October 29 - 31, 2013) Information security today isn't optional. It's business-critical. Over three days, RSA® Conference Europe 2013 imparts the must-know actions to manage growing cyber threats. With over 60 sessions spanning...

Regional Cyber Security Forum & IT Day (CSFI) — Hawaii (Honolulu, Hawai'i, USA, October 30, 2013) 2013 marks the 10th anniversary of National Cyber Security Awareness Month and FBC will host the 1st Annual Cyber Security Forum & IT Day (CSFI) at Fort Shafter - Club Hale Ikena to coincide with the anniversary,...

NSA Hawaii — Cyber Security, Intelligence & IT Day (Honolulu, Hawai'i, USA, October 30, 2013) Be a part of the 1st Annual Cyber Security, Intelligence and IT Day set to take place at the new National Security Agency (NSA) Hawaii Rochefort facility. The event will be hosted by NS/CCS Hawaii Technology...
