More signal. Less noise.

Daily briefing.

Indonesian hackers deface US State Department diplomatic mission sites. The motive is unclear: they may have done it just for the lulz.

The International Atomic Energy Agency (IAEA) warns member states it found malware on its networks in recent months. The IAEA doesn't think any data were lost.

International SOS—a medical and security service commonly used by study abroad programs—has been hacked, and users are advised to look to their data. This service sees heavy academic use, and it's worth reflecting that this episode, along with recent breaches at Sacramento State and Michigan State, can serve as a warning that academic networks represent a huge de facto BYOD experiment. It's no accident that uncontrolled endpoints, a vast attack surface, and attractive targets make them extraordinarily susceptible to attack. Note that younger users in universities and the workplace are so connected to their devices that they routinely ignore BYOD policies and prudent Internet hygiene. Surely there's work to be done here.

CryptoLocker ransomware continues to evolve in malice and efficiency. The SANS Institute blegs for info you may have on the campaign.

Here's a partial answer to what would fill Blackhole's niche in the criminal ecosystem: Cutwail hoods have replaced it with the Magnitude exploit kit.

SAP reports an "explosion" in its cloud revenue, which it happily attributes to post-Snowden surveillance backlash.

The Atlantic Council advises governments to get out of the way of industry cyber intelligence sharing. Governments worldwide struggle to evolve effective, workable security and privacy legislation.

Notes.

Today's issue includes events affecting Australia, Austria, China, Ethiopia, European Union, France, Germany, Indonesia, Israel, Italy, Japan, People's Democratic Republic of Korea, Republic of Korea, Mexico, Nigeria, Qatar, Russia, Saudi Arabia, Thailand, Turkey, United Arab Emirates, United Kingdom, United Nations, United States.

Cyber Attacks, Threats, and Vulnerabilities

Website of U.S. (US Embassy.gov) Embassies, Consulates, and Diplomatic Missions Hacked by Indonesian Hackers (HackRead) In an extremely high profile hack, an Indonesian hacker going with the handle of Dbuzz has hacked and defaced the official blog of a website managed by the U.S. Department of State, dealing with U.S. embassies, Consulates, and Diplomatic Missions all over the world. The blog was hacked yesterday where the hacker left a deface page along with a short message

Malware infected some U.N. nuclear agency computers (Yahoo Finance) Malicious software infected some U.N. nuclear agency computers in recent months but no data in its network is believed to have been compromised, the agency said in a confidential note to member states

Hackers breach ISOS emergency records (The Dartmouth) International SOS, a global medical and security services company that is a primary resource for Dartmouth students traveling abroad, reported in September that its U.S.-based servers were hacked in late August. The cyber attack breached the company's emergency records, which contained clients' names, addresses, emails and passport information

Simple, but critical vulnerability in Verizon Portal revealed users' SMS history (Hacker News) A Security researcher discovered a critical privacy vulnerability on Verizon Wireless's Web-based customer portal that allows anyone to download user's SMS History and Numbers of other users he communicated with

Rogue ads lead to the 'EzDownloaderpro' PUA (Potentially Unwanted Application) (Webroot Threat Blog) We've just intercepted yet another rogue ad campaign, attempting to trick users into installing the EzDownloaderpro PUA (Potentially Unwanted Application). Primarily relying on catchy "Play Now, Download Now" banners, the visual social engineering tactic of this campaign is similar to other PUA related campaigns we've previously profiled. Let's take a look at this new rogue ad campaign, and provide relevant threat intelligence on the infrastructure behind it

Cryptolocker Update, Request for Info (Internet Storm Center) It was briefly mentioned in a previous posting, but the Cryptolocker ransomware is still going strong. In essence, post infection it encrypts all of your "document" files based on file extension and then gives the user 72 hours to pay the ransom ($300 USD or 2 BTC). It is one of the few pieces of ransomware that does encryption right so at present, short of paying the ransom, there is no other means to decrypt

CryptoLocker: Its Spam and ZeuS/ZBOT Connection (TrendLabs Security Intelligence Blog) CryptoLocker, the latest strain of ransomware, is best known for trying to force users into paying a fee by encrypting certain files and then later offering a $300 decrypting tool. In this entry, we discuss how it arrives and how it is connected with other malware, most notably ZBOT/ZeuS

BKDR_LIFTOH.AD (TrendLabs Threat Encyclopedia) This malware is involved in a ZBOT spam campaign that targeted British users. Once the malicious attachment is opened, it inevitably leads to the download of ZBOT malware into the affected system

Ransomcrypt: A Thriving Menace (Symantec) While Ransomlock Trojans have plagued the threat landscape over the last few years, we are now seeing cybercriminals increasingly use Ransomcrypt Trojans. The difference between Ransomlock and Ransomcrypt Trojans is that Ransomlock Trojans generally lock computer screens while Ransomcrypt Trojans encrypt (and lock) individual files. Both threats are motivated by monetary gains that cybercriminals make from extorting money from victims

Blackhole Arrests — How Has The Underground Reacted? (TrendLabs Security Intelligence Blog) About two weeks ago, it was reported that "Paunch", the author of the Blackhole Exploit Kit (BHEK), had been arrested by Russian law enforcement. (In addition to his work on BHEK, Paunch is also suspected of working on the Cool Exploit Kit.) Some reports suggested that associates of Paunch had been arrested as well, although how exactly they were tied to BHEK remains unclear

Cutwail Cybercriminals Replace BlackHole with Magnitude Exploit Kit (Softpedia) A group of cybercriminals that uses the Cutwail spam botnet to distribute malware has switched from BlackHole to the Magnitude (Popads) exploit kit. Ever since the author of BlackHole was arrested, cybercriminals are trying to find a replacement for it. At least one group has started using Magnitude, researchers from Dell's SecureWorks report

Darkleech in Europe, Middle East and Africa (FireEye) In a previous blog post, we discussed how Darkleech-related malware wound up on a FireEye partner's website. We followed up with a post detailing a major wave of Darkleech activity linked to a major global malvertising campaign. In this post, we focus on trends in Europe, the Middle East and Africa (EMEA). The data presented here covers the five-month period through Oct. 7, 2013

Chinese hotel guests find data spaffed all over the internet (The Register) Chinese hotel-goers beware — newspaper reports from the Middle Kingdom claim that the personal details of thousands of guests from major hotel chains have been leaked online

Phishing scam strikes MSU employees direct-deposit system (LSJ) Michigan State University police detectives are investigating an attempted theft of MSU employee direct-deposit payroll earnings related to a sophisticated online "phishing" attempt, a spokeswoman said Monday

Ouidad Acknowledges Data Breach (eSecurity Planet) Hair products company Ouidad recently began notifying an undisclosed number of customers that their personal information may have been accessed by hackers between June 30 and July 4, 2013

Hacker stole $100,000 from users of California based ISP using SQL injection (Hacker News) In 2013 we have seen a dramatic increase in the number of hack attacks attempted against banks, credit unions and utility companies using various techniques including DDoS attack, SQL injection, DNS Hijacking and Zero-Day Flaws

Can you trust the apps you use? (Help Net Security) With the advent of smartphones, the word "app" has almost become a synonym for pleasure. Whatever you need, whatever you want is right there at your fingertips, located in a few huge online marketplaces

Facebook data mining tool uncovers your life (Help Net Security) You know you shouldn't post potentially damaging data on Facebook, but more often than not, your friends don't think twice about it, and this can impact you even more than you think

How Apple's Address Book app could allow the NSA to harvest your contacts (Ars Technica) When syncing your Address Book to Gmail, HTTPS encryption isn't an option

Security Patches, Mitigations, and Software Updates

Patching the Perpetual MD5 Vulnerability (Infosecurity Magazine) Earlier this month, Microsoft updated the security advisory that deprecates the use of MD5 hash algorithms for certificates issued by certification authorities (CA) in the Microsoft root certificate program. The patch has been released so that administrators can test its impact before a Microsoft Update on February 11, 2014, enforces the deprecation. This is an important move in the fight against the cybercriminal activity that abuses the trust established by cryptographic assets like keys and certificates

Cyber Trends

Generation Y Users Say They Will Break Corporate BYOD Rules (Dark Reading) Most young employees are so dependent on their mobile devices that they are prepared to break any policy that restricts their use, according to a new study

[Interview:] Mikko Hypponen (Tech and Law Center) Tech and Law Center interviews Mikko Hypponen, Chief Research Officer for F-Secure. He has worked for the company since 1991 and has led his team through the largest malware outbreaks in history. In 2003 Hypponen's team took down the global network used by the Sobig.F worm and in 2004 he was the first to warn the world about the Sasser outbreak. In 2007 he named the infamous Storm Worm and in 2010 he produced classified briefings on the operation of the Stuxnet worm. Hypponen is also an inventor for several patents, including US patent 6,577,920 "Computer virus screening". Mikko Hypponen has assisted law enforcement authorities in the United States, Europe and Asia on cybercrime cases

Legal and Political Perspectives of Cyber Security (Bit9) I recently listened to Paul Rosenzweig's Thinking about Cybersecurity: From Cyber Crime to Cyber Warfare from the Great Courses. I found the content thought-provoking and relevant, which surprised me. Not knowing anything about Professor Rosenzweig or the Great Courses program, I expected the course to stay relatively shallow in order to appeal to a wide audience and the information to be stale due to lag in production times. But I was mistaken. I looked into Rosenzweig's background after getting sucked in by the first lecture and must admit I was surprised by the absence of computer science in his academic credentials, or Silicon Valley experience. Upon reflection I realize that the course shines because of those omissions, not in spite of them. He comes at the problems of cyber security primarily from legal and political perspectives, which makes it fresh to those of us who focus on it technically

In cyberarms race, North Korea emerging as a power, not a pushover (Mobile Device Management) A 4-year cyberattack-and-espionage campaign targeting key South Korean institutions suggests North Korean cyberwarfare capabilities are far more potent than previously believed

Consumers and Businesses Continue to Play Catch Up as Cybercriminals Develop More Sophisticated Attack Vectors (Digital Journal) ThreatMetrix™, the fastest-growing provider of integrated cybercrime solutions, continues its commitment to National Cyber Security Awareness Month by aligning to the week four theme, "Cybercrime." Criminals, especially cybercriminals, go where the money is. As more businesses adopt online transactions, cybercrime has become a lucrative market

Is antivirus worth the investment? (ComputerWeekly) Only 8% of European companies plan to decrease spending on antivirus (AV) in 2013, compared with 21% that will increase their investment in this area, according to a recent poll by Computer Weekly

Marketplace

Where To Find Next–Gen Cybersecurity Pros (InformationWeek) Millennials are generally uninterested in cybersecurity careers -- which is dangerous, given the shortage of experts in this vital field

Army Cyber Chief Meets Buyers In Pursuit Of Faster Acquisition (Breaking Defense) The Army's top cyber commander, Lt. Gen. Edward Cardon, met with acquisition officials for several days last week eager to find ways to buy capabilities within three years or less. Cardon told reporters at a roundtable here that he wanted to buy "faster, better, quicker" since the cyber realm doesn't really allow for the seven to 10 years a standard acquisition program usually takes

BAE Systems' DeEtte Gray on crisis management through sequestration, Snowden and shutdown (Washington Business Journal) During the shutdown, BAE Systems Inc.'s DeEtte Gray saw about 20 percent of her employees in the intelligence and security business excused from their jobs at customer sites. That came soon after Edward Snowden left a black mark on contractors in the intel space, fair or not, and all while sequestration continued to do a number on federal budgets

SAP Sales Jump After NSA Leaks (Bloomberg BusinessWeek) Edward Snowden's revelations about the National Security Agency may have embarrassed the Obama administration and irritated governments worldwide, but Jim Hagemann Snabe says the furor has been good for business. Snabe is co-chief executive officer of German software company SAP (SAP), the world's biggest maker of business management software, and he says customers are focusing more on SAP's ability to provide data security outside the U.S. Snabe spoke with Bloomberg Businessweek today after SAP announced a 5 percent increase in operating profit and reiterated its full-year forecasts, reassuring investors worried after disappointing results from rivals Oracle (ORCL) and IBM (IBM)

SAP responds to user fears of NSA spying in Australia (ComputerWorld) SAP may build a second data center in Australia to meet customer demand for locally delivered cloud services in the wake of revelations about the National Security Agency's Prism surveillance program. "When I talk to the public sector, it's clear they will only consume cloud if we can guarantee their data stays here in Australia. And we are ready for that," SAP co-CEO Jim Hagemann Snabe said in a recent story in the Australian Financial Review

SANS Institute and ETDA–ThaiCERT Collaborate to Build Thailand's National Cybersecurity Competency (Hispanic Business) The US-based SANS Institute, the most trusted and largest source for computer security training, certification and research worldwide and the Electronic Transactions Development Agency (Public Organization) (ETDA), of which the Thailand Computer Emergency Response Team (ThaiCERT) is a lead unit, announced the establishment of a partnership to facilitate Thailand's cybersecurity competency development

CACI Wins Army Intell, Info Warfare Task Order (ExecutiveBiz) CACI International has won a potential $40 million task order to help the U.S. Army's intelligence and information warfare directorate deploy intelligence and information tools and services to soldiers

Navy Picks 14 Companies for Potential $900M C5ISR Computing, Infrastructure Services IDIQ (GovConWire) Fourteen businesses have won positions on a potential five-year, $899,543,435 U.S. Navy contract for transport computing and infrastructure services related to C5ISR (command, control, communications, computers, combat systems, intelligence, surveillance and reconnaissance)

Doyle Choi Joins SRA as Civil Govt Growth VP (GovConWire) Doyle Choi, a 17-year veteran of Northrop Grumman (NYSE: NOC) and a former chief technology officer there, has joined SRA International as vice president of growth for the civil government group

Matt Keller Joins GuidePoint Security as IT Threat Management Becomes Top Priority for Government IT Departments (Digital Journal) Information security solutions provider hires new Vice President of Federal Services to address modern requirements to protect the federal IT environment against cyber attacks, identity theft, corporate espionage, accidental leaks and more

RSA CISO Eddie Schwartz Departs to Take Role as VP of Security at Verizon (SecurityWeek) RSA's Chief Information Security Officer (CISO) Eddie Schwartz has left the security division of storage giant EMC and taken on the role of VP of Security at Verizon Enterprise Solutions

Products, Services, and Solutions

BlackBerry resumes rollout of BBM for Android, iPhone (USA Today) BlackBerry is resuming the rollout of iPhone and Android apps for its popular BlackBerry Messenger mobile social messaging service

Catching Malware With DNS As A Service (Dark Reading) A cloud provider used to be the low-cost option for domain-name system (DNS) services, but the ability to act as a security proxy has convinced many that cloud is better

The Coders Who Built The Obamacare Website Knew It Had Huge Problems (Business Insider) Insiders who worked on US health website describe high stress, complaints about major problems

Missing standards created integration struggles with HealthCare.gov (CSO) Insurers faced problems connecting software to federal government's online health insurance marketplace

Mindspeed and Lionic to Demonstrate Intelligent Quality of Service Capabilities for Broadband Home Routers (Wall Street Journal) Mindspeed Technologies, Inc. (Nasdaq:MSPD), a leading supplier of semiconductor solutions for network infrastructure applications, and Lionic Corporation, a worldwide supplier of innovative network security solutions, today announced that the Deep Packet Inspection (DPI) engine in Mindspeed®'s Comcerto® 2000 communication processor family will be showcased in a live quality of service (QoS) demonstration at the 13th Annual Broadband World Forum in Amsterdam this week

ThreatTrack Security Delivers Advanced Threat Analysis to Re–Sec Technologies (Hispanic Business) ThreatTrack Security today announced a partnership with Re-Sec Technologies, an enterprise security firm based in Israel. Re-Sec will integrate ThreatTrack Security's ThreatAnalyzer malware analysis sandbox technology into its MachineSafe security platform

Mobile IDS/IPS solution for iOS devices (Help Net Security) Skycure introduced its mobile IDS/IPS solution that protects iPhones and iPads by monitoring network traffic behavior and remediating suspicious activity. Existing solutions either do not provide

Internet of Things starter kit from IBM and Libelium (Help Net Security) IBM and Libelium released an Internet of Things Starter Kit to enable dozens of sensor applications ranging from monitoring parking spaces or air pollution to providing assistance for the elderly

Google's Digital Attack Map plots DDoS attacks around the world (Graham Cluley) One of the most common attacks seen against a website is a distributed denial-of-service (DDoS) attack, where malicious hackers command botnets of hijacked computers around the world to bombard a particular website with traffic — causing it to fall over

Google fights 'censorship via cyber attack' with Project Shield (Graham Cluley) Having wowed us with its neat, interactive world map of DDoS attacks, Google says it is expanding its DDoS mitigation to help protect free expression online

Technologies, Techniques, and Standards

How To Avoid Breaches Where You Least Expect Them (Dark Reading) In the real world of constrained budgets and limited personnel, prioritization of security resources is a must. Many departments prioritize practices based on the severity of vulnerabilities, the value of a target, and the likelihood of a threat hitting said target. However, the flip side of that is to remember the real world is also a connected one. And as many security experts can attest, enterprises often forget to account for how attacks against the vulnerabilities in less critical systems can jeopardize the crown jewels

Fingerprints are Usernames, not Passwords (From the Canyon Edge) As one of the maintainers of eCryptfs, and a long time Thinkpad owner, I have been asked many times to add support to eCryptfs for Thinkpad's fingerprint readers

Defending Against Crypto Backdoors (Schneier on Security) We already know the NSA wants to eavesdrop on the Internet. It has secret agreements with telcos to get direct access to bulk Internet traffic. It has massive systems like TUMULT, TURMOIL, and TURBULENCE to sift through it all. And it can identify ciphertext — encrypted information — and figure out which programs could have created it

Thinking outside the IT audit (check)box (CSO) More enterprises fight to move their programs from compliance management to security risk management

Passing PCI firewall audits: Top 5 checks for ongoing success (CSO) Tufin's Reuven Harrison shares tips on how to set a sustainable standard for both security and PCI compliance

Wall Street learns from simulated cyber attack (USA Today) Driving home just how serious the growing threat of cyber attacks are on financial markets, the industry stress-tested its trading systems and crisis management responses with simulated malicious attacks in an exercise dubbed 'Quantum Dawn 2'

Cybersecurity in the Work Place (SIGNAL Magazine) When it comes to cybersecurity, companies are only as strong as their weakest link. In most cases, the weakest link can be organizations' own employees. Social engineering, rogue email attachments and access through telecommuting are just a few of the ways cybercriminals can creep into otherwise secure networks

Don't lose control of those fast–breeding endpoints (The Register) So you want to know about security? Well you have come to the right place. I have been here for a while and I can tell you that outside these gates it's full of cowboys, sharks and pirates, none of whom will hesitate to take what is yours and call it their own. The above is a quote from a brochure I wrote in an attempt to connect with small and medium-sized enterprises (SME) owners and CEOs on the topic of endpoint security

Securing Your Cloud Environment (IT Business Edge) Security in the cloud has been a hot topic for a long time now, yet many individuals and organizations fail to realize the implications of security, while others have not performed enough due diligence to seize the necessary solution. Cloud computing requires controls for addressing threats that jeopardize confidentiality, integrity and availability. The purpose of this article is to delineate existing cloud security implications and determine which cloud archetype is best suited for a particular business case

The IT road to hell (Help Net Security) The past several months have been an unending nightmare for the US government and its allies, as one disclosure after another has caused unimaginable damage to relationships, and has potentially compromised Western security to an extent that we cannot even begin to imagine. We all have our opinions regarding the extent to which government should be allowed to know what we are doing, or what our entitlement is to have full disclosure, but it's probably safe to assume that the majority tend to assume that what is done, and how it is done, is ultimately for our own good. And the same holds true in business. We trust our employers up until the point that we discover that our jobs have been transferred to some offshore company, or have been outsourced to one of the many service providers who appear to offer investors the best ROI

Protecting private email on the internet from eavesdroppers (Graham Cluley) Independent security expert Per Thorsheim is the founder and main organiser of Passwordscon, a conference devoted to passwords. In this article he calls for more mail servers to beef up their security - by adopting STARTTLS to prevent email eavesdropping

Security Think Tank: When cyber insurance is right and when it is not (ComputerWeekly) Cyber insurance has existed since the early 1980s, and interest in this area has grown in the past two decades as the use of IT has become more pervasive in businesses. But the cyber-insurance market remains immature, because the risks underlying the coverage are difficult to quantify from an actuarial standpoint

Security Think Tank: Cyber insurance no substitute for good security practices (ComputerWeekly) You cannot improve your data protection using insurance products without increasing costs. To get insurance protection you need to have good demonstrable, documented and maintained security practices in place, such as ISO 27001 certification, as well as additional requirements (ISO 9001, ITIL, dedicated skilled security staff etc)

7 Ways to Inspire Kids to Think About Their Online Rep (McAfee) Sometimes before we start talking to our kids it's wise to stop for just a moment and think back. Do you remember when you were growing up and your mom had to dynamite you off the phone because you talked for hours? How about exchanging marathon notes between classes or having a sleepover and talking until morning

Research and Development

Romanian security company Bitdefender has obtained co-financing (Balkan Business News) Romanian security company Bitdefender announced that it has obtained co-financing in value of RON 3.2 million (nearly EUR 720,000) for an innovation project. The financing was granted during the competition of R&D projects The Stimulation of High-Tech Export, under the supervision of the Executive Unit for Financing Higher Education, Research, Development and Innovation

Academia

Raytheon expands math and science education initiatives internationally (Yahoo! Finance) Middle East programs launched as part of global corporate citizenship portfolio

Colleges: High Rate of Infection (Industrial Safety and Security Source) Of all the agencies, businesses and universities in the world, colleges fall victim to malware attacks more frequently, a new report said

Legislation, Policy, and Regulation

Industry, not government, must lead in sharing cyber threats, expert says (Federal News Radio) The government needs to get out of the way of the private sector sharing cyber threat information. So says Jason Healey, the director of the Cyber Statecraft Initiative for the Atlantic Council

Sorry, lobbyists! Europe's post–Snowden privacy reform gets a major boost (Gigaom) The European Parliament's civil liberties committee has endorsed all of Green MEP Jan Phillip Albrecht's suggestions for tougher privacy legislation, reversing much of the lobbying work done by technology firms and the U.S. government before the NSA scandal broke

Nigerian government under fire for expansion of surveillance programs (Privacy International) A sizeable political controversy has engulfed President Goodluck Jonathan's Government in Nigeria, where details surrounding its plans for the total surveillance of Africa's most populous country continue to emerge

Secrecy and lies (The Economist) A tough new law on secrecy has suddenly become controversial. "A paradise for spies" is how a former agent of the Soviet KGB described Japan in the 1980s. Little has changed, though now the politicians and bureaucrats more often pass information to journalists than to foreign agents. But this autumn Shinzo Abe, the prime minister, is trying to stop the leaks by passing a forceful new secrecy law, even as he seeks to pass economic reforms as part of his programme of measures known as "Abenomics". He also wants to legislate for a new national security council in order to centralise intelligence information and speed decisions on national security. New rules on secrecy are needed for it to function well, says the government. The media, fearful for press freedom, are crying foul

Battle for the future of Italy's internet: Protests build against site–blocking law (ZDNet) A copyright regulation set to come into effect next year is drawing the ire of a diverse coalition of activists, lawyers and ISPs

Ethiopia: INSA to Be Reestablished (All Africa) Foreign, Defense and Security Affairs Standing Committee with House of People's Representatives (HPR) discussed with stakeholders on Friday a draft bill providing for the reestablishment of the Information Network Security Agency (INSA)

Cyber attacks by "entities" within China and Russia caused "extensive illicit intrusions into U.S. computer networks", report says (Ground Report) "Specifically highlighting China and Russia as being of particular concern, Director Clapper suggested 'entities within these countries are responsible for extensive illicit intrusions into U.S. computer networks and theft of U.S. intellectual property'", the report said. Contained within the pages of a 2013 unclassified Senate report (113-007) were details of a series of cyber attacks launched against the United States in 2011, possibly 2012

After General Alexander, Obama should split the NSA to make us all safer (The Guardian) The NSA's aggressive pursuit of Big Data has not only invaded our privacy, but also left us more vulnerable to cyber attack

The NSA's Excuses Don't Hold Up (Defense One) The basic government defense of the NSA's bulk-collection programs—whether it be the list of all the telephone calls you made, your email address book and IM buddy list, or the messages you send your friends—is that what the agency is doing is perfectly legal, and doesn't really count as surveillance, until a human being looks at the data

White House on French NSA complaint: 'all nations' spy (Global Post) The White House on Monday brushed off France's complaints about new allegations of eavesdropping by a top US espionage agency, saying "all nations" conduct spying operations

Mexico condemns alleged NSA hacking of president's email (ComputerWorld) The Mexican government has condemned newly reported spying activities of the U.S. National Security Agency against the country's former president while he was in office

Mexican Government Shocked to Learn the U.S. Spies they Let into the Country Were Spying on Them (Slate) There doesn't seem to be any let-up in the scoops coming out of Edward Snowden's NSA files. Over the weekend, in addition to a Le Monde report alleging that the U.S. intercepted more than 70 million French phone calls, an article in Der Spiegel reported that the NSA had hacked into the e-mail domain used by former Mexican President Felipe Calderon and his cabinet and monitored the cell phone communications of current President Enrique Pena Nieto while he was a candidate

Litigation, Investigation, and Law Enforcement

To Move Drugs, Traffickers Are Hacking Shipping Containers (Motherboard) The scheme sounds like a work of near science fiction. But police in the Netherlands and Belgium insist it's true, and say they have the evidence to prove it: two tons of cocaine and heroin, a machine gun, a suitcase stuffed with $1.7 million, and hard drive cases turned into hacking devices

Online child abuse study examines nasty new trends including sextortion (Naked Security) A European study into the commercialisation of child sex abuse online suggests that sexual images and videos shared between youngsters may become a major target for traffickers, who are using increasingly aggressive tactics to gain remote power over vulnerable kids

Edward Snowden is no traitor (Washington Post) What are we to make of Edward Snowden? I know what I once made of him. He was no real whistleblower, I wrote, but "ridiculously cinematic" and "narcissistic" as well. As time has proved, my judgments were just plain wrong. Whatever Snowden is, he is curiously modest and has bent over backward to ensure that the information he has divulged has done as little damage as possible. As a "traitor," he lacks the requisite intent and menace

British Hacker Sentenced to Jail for Using Stolen Credentials for Online Shopping (Softpedia) 25-year-old Andrew Morgan of Immingham, UK, has been sentenced to three years and eight months in prison for stealing account credentials which he used to purchase goods worth £70,000 ($112,000 / €82,600) from various online stores, including Amazon and eBay

MoJ fined £140K for EMAILING privates of 1,000 inmates (The Register) Bewildered families of 3 lags mailed data by SAME clerk in 3 SEPARATE mistakes

How FBI brought down cyber–underworld site Silk Road (USA Today) Criminals who prowl the cyber-underworld's "darknet" thought law enforcement couldn't crack their anonymous trade in illegal drugs, guns and porn. But a series of arrests this month, including the bust of the black market site Silk Road, shows the G-men have infiltrated the Internet's back alley

Inside Anonymous: LulzSec hacker 'Topiary' talks life on a small Scottish island and how he was caught (TNW) "'Conspiracy to commit computer misuse with intent to disrupt or impair the operation of a computer or computers'," commenced Jake Davis in front of a packed auditorium at Wired 2013. "This is what I was sent to prison for." If that just made you blurt out 'huh?', you're not the only one. "Don't worry if you didn't understand that sentence, because neither do I and neither does anyone else in the entire world," he continued

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

13th Industrial Control Systems Cyber Security Conference (Atlanta, Georgia, USA, October 21 - 22, 2013) Industrial Control Systems (ICS) operate the infrastructures of electric power, water, chemicals, manufacturing, transportation, defense, etc. and link the digital and physical worlds. Their cyber security...

Cloud Connect (Chicago, Illinois, USA, October 21 - 23, 2013) Cloud Connect returns to Chicago October 21-23, 2013 with an all new program built around the leading cloud platforms. Cloud Connect provides the independent guidance IT professionals need to successfully...

cybergamut Technical Tuesday: Cyber Security Strategy — Why We're Losing and What's Needed to Win (Columbia, Maryland, USA, October 22, 2013) Steve Chabinsky of CrowdStrike explains the situation. Everybody seems to be spending more on cybersecurity, but with questionable return on investment. In fact, the problem clearly is getting...

Cyber Security Seminar and IT Expo at Peterson AFB (Colorado Springs, Colorado, USA, October 22, 2013) The Cyber Security Seminar and IT Expo is a one-day event held on-site where industry vendors will have the opportunity to display their products to personnel attending briefings concerning the latest...

Hack.lu 2013 (Luxembourg, October 22 - 24, 2013) Hack.lu is an open convention/conference where people can discuss computer security, privacy, information technology and its cultural/technical implications for society.

STEM family night returning to Arundel Mills (Arundel Mills Mall, Maryland, USA, October 23, 2013) The Fort Meade Alliance is hoping to spark interest in future engineers and doctors at their third annual STEM family night Wednesday at Arundel Mills mall.

Joint Federal Cyber Summit 2013 (Washington, DC, USA, October 23 - 24, 2013) This collaborative government wide event is truly one of a kind, with speakers and attendees anticipated to represent more than 10 federal government agencies. Information sharing will be accomplished...

NSU's 12 Simple Cybersecurity Rules For Your Small Business (Fort Lauderdale, Florida, USA, October 24, 2013) In this presentation twelve simple and inexpensive techniques for protecting small businesses from cyber threats will be discussed. While complex and expensive solutions exist to improve the security...

BREAKPOINT 2013 (Melbourne, Australia, October 24 - 25, 2013) Over two days, 14 world-renowned speakers front Breakpoint to share their knowledge on a full range of security issues, from unpublished research to the latest trends in information security.

Ruxcon (Melbourne, Australia, October 26 - 27, 2013) Ruxcon is a computer security conference that aims to bring together the best and the brightest security talent within the Aus-Pacific region. The conference is a mixture of live presentations, activities...

2013 ACT–IAC Executive Leadership Conference (Williamsburg, Virginia, USA, October 27 - 29, 2013) Advances in technology and massive increases in data available can both challenge and transform Government mission performance. ELC-2013 focuses on how to make this transformation a reality, in and for...

FIRST Energy Symposium (Leesburg, Virginia, USA, October 28 - 29, 2013) Recent reports have shown that the Energy Sector has seen a large increase in the reported number of cyber attacks. The need to protect against threats and improve upon incident management has never been...

SAP NS2: National Security Solutions Summit (Falls Church, Virginia, USA, October 29, 2013) Join us for a day of learning and networking focused on how to advance U.S. national security and homeland security through I.T. innovation. Top-notch speakers will address the new challenges facing U.S.

RSA Conference Europe (Amsterdam, the Netherlands, October 29 - 31, 2013) Information security today isn't optional. It's business-critical. Over three days, RSA® Conference Europe 2013 imparts the must-know actions to manage growing cyber threats. With over 60 sessions spanning...

Regional Cyber Security Forum & IT Day (CSFI) — Hawaii (Honolulu, Hawai'i, USA, October 30, 2013) 2013 marks the 10th anniversary of National Cyber Security Awareness Month and FBC will host the 1st Annual Cyber Security Forum & IT Day (CSFI) at Fort Shafter - Club Hale Ikena to coincide with the anniversary,...

NSA Hawaii — Cyber Security, Intelligence & IT Day (Honolulu, Hawai'i, USA, October 30, 2013) Be a part of the 1st Annual Cyber Security, Intelligence and IT Day set to take place at the new National Security Agency (NSA) Hawaii Rochefort facility. The event will be hosted by NS/CCS Hawaii Technology...

Ahead of the Threat: Driving Innovation for Cyber Security (Bethesda, Maryland, USA, October 30, 2013) Sponsored by the Tech Council of Maryland, this conference will feature a presentation by Sondra L. Barbour, Lockheed Martin Information Systems & Global Solutions (IS&GS) Executive Vice President, will...

TrustED 2013 (Berlin, Germany, November 4, 2013) In this workshop we consider selected aspects of cyber physical systems and their environments. We aim at bringing together experts from academia, research institutes, industry and government for discussing...

OKTANE13 (San Francisco, California, USA, November 3 - 5, 2013) OKTANE13 is an identity, security and mobility event. Whether you're just getting started with cloud applications, evaluating a mobile strategy, building a hybrid enterprise IT, or looking to make your...

MIRcon 2013 (Washington, DC, USA, November 5 - 6, 2013) With targeted attacks becoming more prevalent, today's incident responders are faced with the tremendous challenge of accelerating their response times while capturing relevant data from attacks in progress.

KMWorld 2013: KMWorld 2013 is a must-attend event for those concerned with improving their organizations' bottom line, business processes, and productivity, as well as streamlining operations, and accelerating development...

cybergamut Technical Tuesday: Location Based, Context Aware Services for Mobile -- Today and Tomorrow by Guy Levy-Yurista, Ph.D. (available at various nodes, November 12, 2013) As we continue to grow our dependence on mobile devices in our daily routine from taking pictures to delivering corporate documents, the contexts in which these devices are acting becomes increasingly...

Cyber Education Symposium (Arlington, Virginia, USA, November 19 - 20, 2013) Both the public and the private sectors suffer from a lack of highly trained and effective cyber security leaders. In response, the government, businesses, and academic institutions are all exploring ways...

APPSEC USA (New York, New York, USA, November 18 - 21, 2013) Welcome to Appsec USA 2013, New York - a world class software security conference for developers, auditors, risk managers, and entrepreneurs, bringing you the world's top speakers, the most relevant security...

IT Forum Expo/Black Hat Regional Summit: Black Hat Regional Summit will introduce a mix of local in-region experts and researchers from around the globe, discussing the latest trends in information security with an audience of peers. The sessions...

2nd Annual East Africa IT and Cyber Security Convention 2013 (Nairobi, Kenya, November 28 - 29, 2013) The 2nd Annual East Africa IT and Cyber Security Convention 2013 will bring together leading Cyber and IT Security experts who will provide key insights into critical cybersecurity issues surrounding cyber...
