More signal. Less noise.

Daily briefing.

Deliberation precedent to a punitive strike on Syrian targets continues, with cyber operations widely expected to play a part. Assad's Syrian Electronic Army (SEA) is relatively quiet today, although pro-regime hacktivists' second stringers commit minor acts of cybervandalism. Yesterday's claims that hacktivists have emails showing the US Joint Staff faked chemical attacks sink without trace—failed black propaganda.

Cyber conflict makes strange bedfellows. Anonymous claims to have "taken down" the SEA and confirmed Krebs' identification of the group's leadership.

Other Anonymous cells call for cyber jihad (against the US and Israel) on September 11, and protests against Brazilian corruption on September 7. Such #Ops have a weak recent track record.

Researchers at Georgetown and the Naval Research Laboratory (NRL) show how Tor can be de-anonymized by traffic correlation, that is, through determined use of metadata. (NRL should know—it invented Tor.)

Supermicro's Baseboard Management Controller is vulnerable to data theft. Familiar threats assume new forms: Citadel, Backdoor.Darkmoon, and NetTraveler. Some good news: Hand-of-Thief proves lamer than feared, and a glut of commodity botnets cuts into black market profits. As Kim Dotcom exits Mega for the music biz, a developer says he pwns Mega's master key.

State-sponsored cyber attacks are expected to increase (routers and switches being preferred targets).

In industry news, In-Q-Tel invests in Socrata, Spry Methods buys James Secure Solutions, and Arbor acquires Packetloop. Silent Circle offers an anonymous messaging tool. Brazil's government is developing a secure alternative to Gmail and Hotmail.

Business Insider claims Russia's FSB penetrated Wikileaks.

Notes.

Today's issue includes events affecting Argentina, Australia, Bangladesh, Brazil, China, Egypt, India, Israel, Japan, Pakistan, Russia, Sweden, Syria, Taiwan, United Kingdom, United States.

Cyber Attacks, Threats, and Vulnerabilities

Syria, Egypt strife sparks surge in cyber attacks — McAfee (Cyberwarzone) Syria's civil war and political strife in Egypt have thrown up new battlegrounds on the Web and driven a surge in cyber attacks in the Middle East, according to a leading Internet security company. More than half of incidents in the Gulf this year were so-called "hacktivist" attacks — which account for only a quarter of cybercrime globally — as politically motivated programmers sabotaged opposing groups or institutions, executives from Intel Corp's software security division McAfee said on Tuesday

How to Use Cyber Weapons Against Assad (The Atlantic) As we weigh taking action in Syria, a strike using technology, rather than missiles, might be the best option

Assad's Anonymous Cyber-Force: Who is the Syrian Electronic Army? (International Business Times) The Syrian Electronic Army is representative of a much wider move online in modern warfare. While we are yet to truly see a full-scale cyber-war, almost every single conflict taking place around the globe is being fought in some part in cyber-space

'Anonymous' to Reg hack: We know SEA leaders' names (The Register) Anonymous hacktivists say they've taken down Syrian Electronic Army hacktivists. Following the Syrian Electronic Army's (SEA's) attack on a Melbourne IT reseller which resulted in the temporary compromise of domain name records for targets as diverse as The New York Times and Twitter, a group claiming association with Anonymous now says it has compromised SEA databases and servers

Could an extra $50 really have prevented The NYT hack? (Business Spectator) It seems no stone was left unturned in the hurricane of mass confusion surrounding last week's hack of The New York Times. What else can you expect when you combine a high profile target (the New York Times), with an obscure issue (DNS security) and a local company (Melbourne IT), where it's difficult to comprehend what their core business is at the best of times, let alone on a tight deadline

Syrian Electronic Army Defaced Marines Website, US Confirms (1070 WAPI) U.S. officials confirmed a cyber attack by the Syrian Electronic Army on the Marine Corps recruiting website late Monday in which the pro-Assad collective replaced the normal page with one calling on U.S. servicemen to refuse orders to fight in Syria should they be called

#OpIsrael: Anonymous calls on all Muslim hackers for joint cyber attack on US and Israel on September 11, 2013 (Hack Read) A YouTube video has been circulating on the internet for the last couple of days in which online hacktivist group Anonymous has called on Muslim hackers from around the world to join them in a joint operation against US and Israel on September 11, 2013 at the anniversary of 9/11 attacks in New York City. The message on the video bashes US and Israel for conducting wars over Muslim world and threatens that the

#OpFreeSyria: 40 Chinese Educational Websites Hacked by Team Hacking Argentino (Hack Read) The Argentinian hackers from Team Hacker Argentino have hacked and defaced a total of 40 Chinese educational websites for #OpFreeSyria, an ongoing online operation in support of Syrian president Bashar al Assad. Hackers left a deface page along with a message on all hacked websites with an audio and text message, defending Syrian government and asking the government of the world not to interfere in Syria

Bangladesh's Largest IT University Daffodil hacked, server rooted by 3xp1r3 Cyber Army (Hack Read) Two hackers going with the handle of ExpirED BraiN and IceCream from 3xp1r3 Cyber Army have hacked and defaced the official website of Bangladesh's largest Information Technology 'Daffodil University'. The hackers also rooted the university server, as a result 84 of its sub-domains were also defaced today. All hacked sites were left with a deface page along with a message which gives us a little bit of clue

Pakistani Hacker hacks website of Indian Bioresource Information Network (IBIN) (Hack Read) A famous Pakistani hacker going with the handle of h4x0r HuSsY is back, this time the hacker has hacked and defaced the official website of Indian Bioresource Information Network (IBIN) under government of Goa, India. The site was hacked today, left with a deface page along with a message in which hacker has been bashing Indian hackers for attacking Pakistani cyber space. The deface message was expressed in

#OP7: Anonymous Brazil calls for biggest protest in the history of Brazil on September 7 (Hack Read) The online hacktivist group Anonymous Brazil has asked Brazilians to join them on 7th September 2013, the country's independence day, in one of the biggest protests against politicians and massive corruption. The protest will be conducted under the tag of '#OP7' in 140 cities especially against group of politicians involved in stealing massive amount of money from the government for ages without being charged

"Homeless hacker" Commander X quits Anonymous, retreats to robot lab (Ars Technica) Will "fade into the mists of myth and legend." Last year, I traveled to Canada to write a long profile of "homeless hacker" Christopher Doyon, who goes by the name "Commander X" and who is on the run from the US government. (Doyon brought down a California county's website for 30 minutes, with the help of Anonymous, as part of his protest over an "anti-sleeping" law targeting homeless people; he is under indictment in the Northern District of California and is the only known Anon who has jumped bail to live "in exile.") Doyon's life has been by turns bizarre and dramatic, but last week the online drama surrounding Anonymous proved too much even for him—and he quit

Persistent adversaries can identify Tor users (Help Net Security) Using the Tor network will not grant you perfect anonymity - in fact, a group of researchers from the US Naval Research Laboratory and Georgetown University say that "Tor users are far more susceptible

PRISM repercussion on the Tor network accesses (Security Affairs) The use of Tor Network to preserve user's anonymity and to avoid government surveillance, we discussed this topic several times explaining that through the analysis of Tor metrics data it was possible to study the effect of political events in the cyberspace. Cyberspace and ordinary life are directly linked, a disorder in every part of the globe has its repercussion on the cyber domain and vice versa. Analyzing the use of Tor Network it is possible to detect social protests or censorship/surveillance applied by any government

NSA Laughs at PCs, Prefers Hacking Routers and Switches (Wired) The NSA runs a massive, full-time hacking operation targeting foreign systems, the latest leaks from Edward Snowden show. But unlike conventional cybercriminals, the agency is less interested in hacking PCs and Macs. Instead, America's spooks have their eyes on the

Attacker could gain control of Supermicro's industrial control system, warns CERT (FierceITSecurity) An attacker could steal sensitive information, launch a denial of service attack, or gain control of Supermicro's (NASDAQ: SMCI) Baseboard Management Controller through multiple vulnerabilities, warned CERT in a vulnerability note issued Friday

G20 Summit Used as Bait to Deliver Backdoor.Darkmoon (Symantec) Ahead of tomorrow's G20 summit in Saint Petersburg, Russia, attackers are leveraging the meeting's visibility in targeted attacks. One particular campaign we have identified is targeting multiple groups. They include financial institutions, financial services companies, government organizations, and organizations involved in economic development

Malware Delivered by Fake Xerox Emails, says Bitdefender (SPAMfighter News) According to security firm Bitdefender, a new spam email campaign is currently masquerading across the Internet which is abusing the name and popularity of

Malicious Spammers Bait Facebook Users with Fake News Feed (ThreatTrack Security Labs) Here's something new about Facebook spam: the criminals behind this latest campaign are now using Facebook's "news feed" as lure to get recipients clicking on malicious links

Citadel botnet resurges to storm Japanese PCs (The Register) Banking Trojan infects 20,000 IP addresses. Citadel, the aggressive botnet at the heart of a widely criticised takedown by Microsoft back in June, is back and stealing banking credentials from Japanese users, according to Trend Micro. The security vendor claimed to have found "at least 9 IP addresses", mostly located in Europe and the US, functioning as the botnet's command and control servers

APT malware NetTraveler learning new tricks (CSO) Advanced Persistent Threat exploits Java vulnerabilities, embraces watering hole technique, says researcher. An Advanced Persistent Threat (APT) called NetTraveler has been spotted making mischief again, but it appears to have learned a few new tricks since it was last spotted in June. The malware is now attacking a known Java vulnerability, CVE-2013-2465, and added water holing to its propagation strategy, according to new research from Kaspersky Lab

Chinese Cyberspies Enlist Java Exploit (Dark Reading) The so-called NetTraveler targeted attack campaign discovered earlier this year by Kaspersky Lab is now employing an exploit that takes advantage of a just-patched Java bug, and is also adopting the increasingly popular waterholing technique to infect targets. NetTraveler, a.k.a. Red Star, Travnet, and Netfile, is a less sophisticated but persistent attack campaign with uncanny longevity: For nearly 10 years, it has targeted hundreds of victims in 40 different countries across governments, embassies, oil and gas, military contractors, activists, and universities. The APT group is made up of some 50 members and has traditionally employed patched Office exploits — namely CVE-2012-0158

Hand of Thief Linux Trojan fails to work as promised (Help Net Security) RSA researchers have recently spotted a banking Trojan targeting Linux systems being sold online by a cybercrime team based in Russia. Dubbed Hand of Thief by its creator(s), the malware apparently has form grabbing and backdoor capabilities, and is able to block the victims' access to hosts offering AV solutions and security updates. It also purportedly works on 15 different Linux desktop distributions and supports 8 different desktop environments

Suspicious Responses: Shining a New Light on an Old Threat (Umbrella Labs) OpenDNS users may have noticed an intriguing security feature in their dashboard: the ability to block "suspicious responses." When enabled, this feature blocks any DNS response containing IP addresses within a private IP range

San Francisco InterContinental Hotel Admits Security Breach (eSecurity Planet) An undisclosed number of guests' names, mailing addresses, e-mail addresses, phone numbers and credit/debit card numbers may have been accessed

Packet captures and log files for Port 14566 (Internet Storm Center) A recent uptick in Port 14566 shows some activity over the past month, as shown in our DShield Report(1), however we have little information about what exactly is happening. Some activity, then a lag near the end of August, followed by a large spike at the end, and the top port the past 24 hours, is curious. A search of that port using Google and other security and traffic sites has yielded little, so if anybody has log files or activity of this port, we'd love to have a look

Software developer releases tool that claims to reveal Mega users' master key (Parity News) Michael Koziarski, a software developer, has released a browser based JavaScript bookmarklet, which he claims has the ability to reveal Mega users' master key. Koziarski went on to claim that Mega has the ability to grab its users' keys and use them to access their files. Dubbed MegaPWN the tool not only reveals a user's master key, but also gives away a user's RSA private key exponent. "MEGApwn is a bookmarklet that runs in your web browser and displays your supposedly secret MEGA master key, showing that it is not actually encrypted and can be retrieved by MEGA or anyone else with access to your computer without you knowing," reads an explanation about the bookmarklet on its official page

Energy Department Updates Breach Count, Says 53,000 Affected (InformationWeek) DOE offers employees a free year of identity theft monitoring services after hackers steal personal info, including social security numbers

How much does it cost to buy one thousand Russian/Eastern European based malware-infected hosts? — part two (Webroot Threat Blog) We continue to observe greed-centered underground market propositions selling access to malware-infected hosts based in Russia and Eastern Europe, a practice which has been largely avoided by cybercriminals for years in order to avoid attracting the attention of local law enforcement. How are these prices shaped? Are these examples an indication of a trend, or a fad largely based on the seller's inability to secure a long-term revenue stream for selling? Are we witnessing a commoditization and over-supply of malware-infected hosts based in developed countries? Let's find out

Online Attack Leads to Peek Into Spam Den (New York Times) For years, Igor A. Artimovich had been living in a three-room apartment he shared with his wife in St. Petersburg, sitting for long hours in front of his Lenovo laptop in his pajamas, drinking sugary coffee. If he were known at all to Western security analysts who track the origins of spam, and in particular the ubiquitous subset of spam e-mails that promote male sexual enhancement products, it was only by the handle he used in Russian chat rooms, Engel

Anatomy of a killer bug: How just 5 characters can murder iPhone, Mac apps (The Register) What evil lurks in the Unicode of Death…oh, a buffer overrun. There has been much sniggering into sleeves after wags found they could upset iOS 6 iPhones and iPads, and Macs running OS X 10.8, by sending a simple rogue text message or email. A bug is triggered when the CoreText component in the vulnerable Apple operating systems tries to render on screen a particular sequence of Unicode characters: the kernel reacts by killing the running program, be it your web browser, message client, Twitter app or whatever tried to use CoreText to display the naughty string

Woah! Read this before you update the Google Authenticator app on your iPhone (Graham Cluley) Google has updated Google Authenticator, its iOS app for managing two factor authentication codes for accessing accounts. But if you install the app onto your iPhone or iPad, you'll find it wipes out all of your existing account information

Cyber Trends

State-Sponsored Cyber Attacks — This is Only the Beginning: Survey (SecurityWeek) The consensus of nearly 200 senior IT security professionals attending Black Hat USA 2013 in Las Vegas is that we're losing the battle against state-sponsored cyber attacks and things are not going to improve any time soon

Data-Security Expert Kaspersky: There Is No More Privacy (Wall Street Journal) Russia's Eugene Kaspersky Talks to WSJ About Growing Cyberthreats. A month after National Security Agency leaker Edward Snowden arrived at the airport here, Russian computer-security expert Eugene Kaspersky fielded a question on the newly-exposed U.S. surveillance programs at his office down the road. "There is no more privacy," the 47-year-old CEO of antivirus software firm Kaspersky Lab told a group of journalists

Data Privacy, Ownership In Precision Agriculture (PrecisionAg) The line between what data and information a grower is willing to share, and a company is allowed to use, will keep vacillating in the future

Over one-fifth of people use ad-blocking software—and it's beginning to hurt (Quartz) Last week, Quartz reported on an unlikely crowdfunding campaign: The browser extension AdBlock, which does exactly what its name says, is raising money so it can fund online ads that tell people how to use it to block online ads. As of this writing, the campaign has surpassed its second goal of $50,000, which AdBlock says will allow it to not only post online ads but also get space on a billboard in Times Square. We estimated that AdBlock is probably doing rather well for itself through donations alone and noted that the more people use AdBlock the more it could harm sites that rely on advertising revenue to stay afloat

Vulnerabilities Everywhere (Secunia) Every day, we read about cyber-attacks and data breaches, incidents that represent in many cases a disaster for private companies and governments. Technology plays a significant role in our lives; every component that surrounds us runs a piece of software that could be affected by flaws and exploited by those with ill intentions

Marketplace

Amazon hiring 'top secret' IT staff as it fights for CIA work (Computer World) Government private cloud bid represents new approach for Amazon — one that has put it at odds with IBM. The U.S. isn't doing a good job keeping secrets. Think Edward Snowden. But demand for trustworthy IT professionals is strong, especially if they want to work for Amazon Web Services

New Systems Seek to Connect Troops at the Tip of the Spear (SIGNAL Magazine) Two ongoing military programs, one getting ready to deploy and another still in the prototype stage, aim to connect troops at the very tactical edge back to larger military data and communications networks. These programs—one service-oriented, the other an agency effort—are part of the Defense Department's thrust to make warfighters, especially individual soldiers in small units, more connected

Landrieu seeks 'cyber footprint' for Louisiana (FCW) Sen. Mary Landrieu wants the federal government to build out its cybersecurity capabilities in her home state, far away from the federal contracting hub inside the Beltway. The Louisiana Democrat — who is up for re-election in 2014 — has parochial reasons for making such a pitch. But some experts agree with her

DRC Wins $6 Billion Blanket Purchase Award for Cyber Security Support (Wall Street Journal) Dynamics Research Corporation (Nasdaq:DRCO), a leading technology and management consulting company focused on driving performance, process and results for government clients, today announced it was one of 17 awardees of a $6 billion blanket purchase agreement for the Department of Homeland Security Continuous Diagnostics and Mitigation, Tools and Continuous Monitoring as a Service program to deploy continuous monitoring tools and services throughout the federal government. The contract has a one-year base period of performance and four one-year option years

GridCOM Technologies Awarded California Grant To Protect U.S. Electrical Grid From Cyber Attack (PRNewswire) GridCOM Technologies, the leader in quantum cyber security solutions for energy infrastructure, has been awarded a grant from the state of California to help protect the country's vulnerable electrical grid from the growing threat of cyber attack

VMware's security efforts lack focus, argues analyst (FierceITSecurity) VMware (NYSE: VMW) has shifted its security focus from security application programming interfaces (APIs) to a virtual networking platform, observes Paula Musich, principal analyst for enterprise security at Current Analysis, in a recent blog. Prior to its acquisition of software defined networking firm Nicira for more than $1 billion, VMware was focusing its security efforts on a set of higher level APIs developed with security partners to replace its VMsafe APIs. The new APIs were intended to be easier to work with and provided a greater variety of security functions, explained Musich

In-Q-Tel Investment Signals Intel Community Focus on Data Sharing (Nextgov) The CIA's venture capital arm is investing in cloud software provider Socrata Inc., a company that aims to "democratize" access to government data by making information more accessible to the public as well as internally to agency managers

Spry Methods, Inc. Completes Acquisition of James Secure Solutions, Inc. (gnom.es) Spry Methods completed its acquisition of James Secure Solutions, Inc. (JSS). JSS, just ranked by Inc. as #98 on the Top 100 Government Services Companies nationwide, is a leading provider of Cyber Security, Information Assurance, and Continuous Monitoring services to the Intelligence Community, Department of Defense, and federal law enforcement agencies who sustain mission critical operational and developmental programs in support of our Nation's security. JSS is well known within the industry for vulnerability and security assessments, penetration testing, risk management framework, FISMA compliance, auditing and audit review participation, and incorporating security into various development methodologies, i.e., Agile. JSS now becomes part of Spry Methods, which provides Information Technology, Enterprise Resource Planning, Financial Management, Business Process Consulting, C5ISR and Systems Engineering services in support of the United States Navy, Army, Department of Homeland Security, USDA, HUD, and the Intelligence Community

Arbor Networks acquires Packetloop (Help Net Security) Arbor Networks has acquired privately held Packetloop, an innovator and provider of Security Analytics. Terms of the deal were not disclosed. Arbor plans to invest in and expand Packetloop's Sydney, Australia

Who wins and who loses in Microsoft's acquisition of Nokia (Quartz) Microsoft just bought Nokia's smartphone business for $7.2 billion. No matter how this turns out, the implications for both companies, and for the fortunes of other smartphone makers, especially in emerging markets, could be huge

Elop in July: It's "Hard to Understand the Rationale" for Selling Nokia's Devices Business (All Things D) Microsoft's massive $7.2 billion deal to acquire Nokia's handset and services business has been rumored ever since the Finnish company's CEO, Stephen Elop, agreed to standardize Nokia's smartphones on Microsoft's Windows Phone operating system. And it's one that Elop touted as almost inevitable in a press conference Tuesday morning

Microsoft's Nokia Buy: Consumer Chase Is On (InformationWeek) Microsoft can't live by enterprise dollars alone. By purchasing Nokia's device business, Microsoft has shown its consumer strategy will survive into the post-Ballmer era

Verizon bets big on U.S. wireless market (CNN Money) One of the biggest deals in corporate history solely targets the already saturated U.S. wireless market. Verizon (VZ, Fortune 500) is paying $130 billion to take full control of Verizon Wireless from U.K. partner Vodafone (VOD), giving it full control of America's largest and most profitable wireless provider

Forget the Microsoft Soap Opera. It's the Verizon Deal That Matters (Wired) To be sure, Microsoft's purchase of Nokia's cellphone business makes for a better story. The $7.17 billion deal spans the big-time patent wars, a simmering drama over the CEO succession plan at Microsoft, and the tragic spectacle of two aging tech giants flailing around in search of relevance — not to mention all those shiny gadgets

BAE Systems picks up two execs from Lockheed (Washington Business Journal) Two former Lockheed Martin executives have joined BAE Systems' Intelligence & Security sector in McLean, the defense contractor announced Tuesday

Products, Services, and Solutions

Alert Logic And Kroll Announce Strategic Alliance (Dark Reading) Strategic alliance to help businesses identify, respond to, and recover from data breaches and other security incidents

Google Glass Sharpens View of Wearable Computer Future (SIGNAL Magazine) From wearable mobile devices to a sensor that lets you control your screen with the wave of a hand, cutting-edge consumer technologies could be key to solving government challenges

FireEye Launches New 'Continuous Protection' Platform (SecurityWeek) FireEye, the soon-to-go-public provider of threat protection solutions, today announced a new, real-time, continuous protection platform that leverages a combination of people, technology and intelligence to protect customers against advanced cyber attacks. Dubbed "Oculus", the new platform from FireEye is comprised of three components

GitHub adds two-factor authentication option (Help Net Security) GitHub is the latest web-based service to add a 2-factor authentication feature to make the users' login process more secure

Privacy case makes your phone untrackable (Help Net Security) With all the recent revelations about NSA's long cyber reach and the (in)voluntary involvement of big Internet companies and US telecoms in its many surveillance programs, it's not entirely surprising that a Kickstarter project offering a portable and usable Faraday cage for mobile devices has been successful

NSA-resistant Android application 'burns' sensitive messages (CSO) Silent Circle's messaging application ensures only the sender and receiver can view messages and files. Silent Circle, a company specializing in encrypted communications, released a messaging application for Android devices on Wednesday that encrypts and securely erases messages and files

Neohapsis and Arxan protect sensitive apps (Help Net Security) Neohapsis and Arxan announced a partnership to offer enhanced tamper-resistance and self-defense built into a comprehensive application security strategy

30-Second HTTPS Crypto Cracking Tool Released (InformationWeek) Three researchers who discovered a crypto attack that can be used to grab sensitive information from HTTPS traffic in less than 30 seconds have released a tool to help website operators see if their systems are susceptible. Details of the BREACH — short for Browser Reconnaissance and Exfiltration via Adaptive Compression of Hypertext — attack were first revealed last month at the Black Hat information security conference in Las Vegas by Salesforce.com lead product security engineer Angelo Prado, Square application security engineer Neal Harris, and Salesforce.com lead security engineer Yoel Gluck

Android 4.4 named KitKat (Open Source Insider) The next version of the open source Android mobile operating system from Google has been named KitKat. Now powering what is estimated to be more than 1 billion of the planet's smartphones and tablets, Android 4.4 had previously been rumoured to be named Key Lime Pie

#Socialmediaruinedmylife: Live to (not) regret using social media (Trend Micro) Those who have ruined their reputations and damaged their careers after posting inappropriate material on social networks include politicians, movie and sports stars as well as teachers, police officers and even fast food restaurant employees. The problem of exposing too much information could continue to plague social media users, a possibility supported in the August 2013 poll by Cint USA and the global security software developer Trend Micro. According to the poll, 24 percent of the respondents said they have posted something they later regretted or removed, and 36 percent said they have seen something they regard as inappropriate

Technologies, Techniques, and Standards

Domain Security Needs More Than Registry Locks (Dark Reading) Protecting domains requires registry locks as well as other measures, including two-factor authentication and administrative access control. Today's networking infrastructure relies on the domain name system--not only a company's public-facing Web servers and Internet appliances but much of its private infrastructure as well. But enterprises need to better protect their DNS environments, as last week's attack on a reseller of domain registrar MelbourneIT and the subsequent redirection of the New York Times, the Huffington Post, and two subsidiary Twitter domains, demonstrated. While the attacks should not have come as a surprise, the vast majority of companies are unprepared for such malicious attention

Do You Know Where Your Databases Are? (Dark Reading) One of the most important first steps to any database security strategy is also coincidentally one of the most likely to be forgotten: enumerating the databases an organization manages. After all, unless an enterprise knows how many databases it has and which ones contain sensitive information, it is pretty difficult to prioritize them based on risk and implement appropriate controls. And yet, many organizations are operating in the dark with regard to database discovery

Online backup for mobile devices: Key factors to consider (Help Net Security) Most technology users keep personal information (contacts, calendars, documents, photos, etc.) on their mobile devices. That information isn't protected if the mobile is lost/stolen

Emulating binaries to discover vulnerabilities in industrial devices (IOActive Labs Research) Emulating an industrial device in a controlled environment is a really helpful security tool. You can gain a better knowledge of how it works, identify potential attack vectors, and verify the vulnerabilities you discovered using static methods. This post provides step-by-step instructions on how to emulate an industrial router with publicly available firmware. This is a pretty common case, so you should be able to apply this methodology to other scenarios

PCI DSS 3.0 is a start, but more changes are needed (SC Magazine) The PCI Security Standards Council (PCI SSC) recently released highlights of the widely anticipated PCI DSS 3.0 requirements. Businesses that store, process or transmit cardholder data must follow the requirements to better protect their customers' information from being stolen by criminals

Dude, where's my security ROI? (CSO) When it comes to security, ROI or return on investment has historically been difficult to measure. It's a bit like that bar receipt from Las Vegas that you don't want to bring up around management because it's hard to defend

Academia

Kaspersky Lab kicks off its annual student conference 'CyberSecurity for the Next Generation — 2014' (Kaspersky Lab) Kaspersky Lab announces the start of its international student competition 'CyberSecurity for the Next Generation' for the new academic year. In 2014 the conference will comprise four regional rounds and a global final. Entries can be submitted for all regions from September 1, 2013 at the new online platform

How the government intends to close the cyber security skills gap (Computing) The Department for Education recently published a revised national curriculum framework and programme of study for computing, including references to the safe use of technology and to protecting online privacy and identity at key stages 3 and 4

Making the grade in Massive Open Online Courses (C/Net) MOOCs are becoming increasingly popular as a way for people to access lessons from Ivy League universities. But access doesn't always translate into student success

NUARI to Receive $9.9 Million Contract from U.S. DHS S&T to Develop Technologies for Combating Cyber Attacks (IT News Online) Norwich University Applied Research Institutes (NUARI) and U.S. Senator Patrick Leahy (D-Vt.) announced Thursday that U.S. Department of Homeland Security Science and Technology (DHS S&T) directorate intends to award NUARI a $9.9 million contract for technologies and systems to help financial institutions, government agencies and other critical infrastructure respond to cyber attacks through expansion of capabilities of its DECIDE software platform

Legislation, Policy, and Regulation

India govt concerned about Chinese apps (ZDNet) Amid the growing popularity of Whatsapp and UC Browser in India, various government agencies have expressed concerns over potential security risks of these made-in-China mobile apps

Brazilian government plans national 'anti-snooping' email system (Wired) The Brazilian government is planning to develop a national email system that is protected from the sort of espionage that the US National Security Agency carries out. The government has already been working with the national postal agency Correios to develop the new commercial email system, providing an alternative to the likes of Gmail and Hotmail, which would guarantee the veracity of documents and offer functions such as a delivery certification showing when an email has been read by the recipient

President Obama says U.S. not snooping on ordinary people's emails, phones (Reuters) President Barack Obama said on Wednesday the United States was not spying on ordinary people's correspondence and phone calls, but its international intelligence gathering was targeted at specific areas of concern. "I can give assurances to the publics in Europe and around the world that we are not going around snooping at people's emails or listening to their phone calls," Obama said during a joint news conference with Swedish Prime Minister Fredrik Reinfeldt

New documents detail cyber operations by US (Economic Times) Newly disclosed budget documents for America's intelligence agencies show how aggressively the United States is conducting offensive cyber operations against other states, even while the Obama administration protests attacks on U.S. computer networks by China, Iran and Russia

Dispute over report about secret NSA budget (Security Info Watch) The National Security Agency on Thursday disputed a published report that secret intelligence budget files provided by agency leaker Edward Snowden show that the surveillance agency warned in 2012 that it planned to investigate up to 4,000 cases of possible internal security breaches

The Only Way to Restore Trust in the NSA (The Atlantic) The public has no faith left in the intelligence community or what the president says about it. A strong, independent special prosecutor needs to clean up the mess. I've recently seen two articles speculating on the NSA's capability, and practice, of spying on members of Congress and other elected officials. The evidence is all circumstantial and smacks of conspiracy thinking — and I have no idea whether any of it is true or not — but it's a good illustration of what happens when trust in a public institution fails

Piecemeal Approach to Cyber Legislation (Healthcare Info Security) As lawmakers head back to Washington after their summer recess, the U.S. Senate likely will take a piecemeal approach to cybersecurity legislation, says Jacob Olcott, the former counsel to the Senate Commerce, Science and Transportation Committee, whose leaders introduced a draft bill

Leaked documents show Information Sharing Environment budget of $25M (FierceGovIT) The Information Sharing Environment within the Office of the Director of National Intelligence has an annual budget of around $25 million, shows a budget document leaked by former intelligence contractor Edward Snowden

Cameron Kerry decries U.S. privacy notice model while warning against divided Internet (FierceGovIT) The model underlying current American privacy protection is clearly no longer sufficient, said outgoing Commerce Department General Counsel Cameron Kerry in an Aug. 28 speech, while warning against attempts to prevent European data from residing on U.S.-based servers

Army swears in new cyber command leader (FCW) In a ceremony held Sept. 3 at Fort Belvoir, Va., Army Chief of Staff Gen. Ray Odierno swore in Lt. Gen. Edward Cardon as commander of Army Cyber Command. Cardon previously served as commanding general of the 2nd Infantry Division in South Korea. Prior to that, he was deputy commanding general for support for U.S. Forces-Iraq. That appointment was the last of Cardon's several commanding positions in and deployments to Iraq

Litigation, Investigation, and Law Enforcement

Vladimir Putin: Russian Officials Were In Contact With Snowden Before Flight To Moscow (Business Insider) Russian officials were in touch with Edward Snowden before the US intelligence leaker flew to Moscow from Hong Kong, President Vladimir Putin has revealed

Did WikiLeaks Sell Out Snowden To The Russians? (Business Insider) Is it just a coincidence that former NSA analyst Edward Snowden, a valuable intelligence asset, ended up in the hands of Russia's security services? Or did WikiLeaks, the "anti-secrecy" organization that has taken responsibility for Snowden, send him there in collaboration with the Russians? Former senior U.S. intelligence analyst Joshua Foust makes a compelling argument that Wikileaks may have been infiltrated by Russia's Federal Security Bureau, the post-Soviet successor to the KGB

Russia Issues International Travel Advisory to Its Hackers (Wired) For roughly two decades Russia has been something of a safe haven for professional spammers, hackers, phishers and fraudsters hitting the U.S. with cyber scams. Now the Russian government has some advice for its cyber criminal class, and any other citizens who might be wanted by U.S. law enforcement: Don't leave home

Surveillance Law Meant to Curb Spying, not Boost It, Senators Say (Courthouse News Service) Walter Mondale and another former senator who crafted the 1978 Foreign Intelligence Surveillance Act want to join in the fight against the National Security Agency's spying powers. The so-called Church Committee, which published 14 reports on U.S. intelligence agencies and their operations, formed as members of Congress learned about the abuses of power in the Nixon administration

HTC's star smartphone designer allegedly stole secrets for a Chinese city government (Quartz) Taiwanese authorities have arrested three former heads of HTC, a leading Taiwanese smartphone maker, on suspicion of handing trade secrets over to the city government of Chengdu, in Sichuan province, as Reuters reports, citing Next Magazine

Data breach lawsuits roll on as lawyers work to establish legal precedent (SC Magazine) Nearly a decade ago, identity thieves posed as customers to steal more than 160,000 consumer records from data broker ChoicePoint. If the incident were to happen today, it likely would be met with a passing yawn, common hacker play that is nothing more than just another headline, only to be replaced by tomorrow's breach, that one by the next day's. But the ChoicePoint heist remains a landmark incident, mostly because it was the first big breach required to be publicly reported, thanks to a pioneering notification law passed in 2003 in California, known as SB-1386

AT&T's massive call detail record database accessible to DEA agents (Help Net Security) Since 2007, AT&T employees have been working side by side with US Drug Enforcement Administration and local law enforcement agents, helping them access electronic call detail records (CDRs) for suspected

Texas comptroller ducks data breach deposition by claiming immunity (FierceITSecurity) The Texas comptroller successfully invoked governmental immunity in avoiding a pretrial deposition for a data breach that exposed personal information on millions of Texans, according to a report by Law360

Lawyers report steep rise in employee data theft cases (Naked Security) UK law firm EMW has reported a sharp rise in confidential data theft cases brought before the High Court. Is that because data control is becoming laxer, or actually because things are tightening up so that more crooks are getting caught

UK authorities handled more than 700 cases of personal data theft over 5 years (FierceITSecurity) U.K. authorities have investigated more than 700 cases of theft of personal information over the last five years, according to an analysis by The Sunday Telegraph newspaper and the Big Brother Watch privacy group

Microsoft, Google fail to reach accord with US government over surveillance data release (FierceITSecurity) Negotiations between Microsoft (NASDAQ: MSFT) and Google (NASDAQ: GOOG) on one side, and the U.S. government on the other, over publishing data on the National Security Agency's (NSA's) surveillance program have ended in "failure," Microsoft General Counsel Brad Smith acknowledged in a blog post on Friday

Microsoft, Google discover newfound respect for Constitution (FierceITSecurity) Microsoft (NASDAQ: MSFT) and Google (NASDAQ: GOOG) have discovered a newfound respect for the U.S. Constitution. In their efforts to disclose additional information about the data they turned over to the National Security Agency, the two firms are waving the flag and appealing to the First Amendment

Why Child Identity Theft is Dangerous (McAfee) Identity theft in the form of new account fraud can happen to anyone with a Social Security number, which includes virtually any American with a pulse...as well as some who no longer do. Identity theft can even happen to your newborn baby shortly after a Social Security number has been issued to him or her and this could have long term implications for your child

Nine cyber syndicate members remanded (ITWeb) Nine members of a cyber syndicate, which allegedly stole R15 million, have been denied bail. The syndicate reportedly defrauded thousands of people through phishing scams, opening false store accounts and accessing credit using cloned identities. Forty-five members of an alleged cross-continental cyber syndicate, which stole R15 million from South Africans, were released on bail yesterday

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

2013 ACT-IAC Executive Leadership Conference (Williamsburg, Virginia, USA, October 27 - 29, 2013) Advances in technology and massive increases in data available can both challenge and transform Government mission performance. ELC-2013 focuses on how to make this transformation a reality, in and for...

TechCrunch Disrupt San Francisco (San Francisco, California, September 7 - 11, 2013) For the fourth year in a row, TechCrunch Disrupt will take over the San Francisco Design Center Concourse, and we're bringing the hottest startups and best minds in the industry with us. Block off September...

SANS CyberCon Fall 2013 (Online, September 9 - 14, 2013) With sequestration still in place, organizations are finding themselves with training budgets, but drastically reduced travel budgets. This one-of-a-kind online training event brings SANS' top instructors...

15th Annual AT&T Cyber Security Conference (New York, New York, USA, September 10, 2013) The AT&T Cyber Security Conference is an annual day-long conference offered by the AT&T Chief Security Office. Combining the expertise of its security experts, the scale and reliability of its global IP...

First Regional Southeast Conference on Cyber Security for National Security (Charleston, South Carolina, USA, September 10, 2013) The First Southeast Regional CS4NS Conference focuses on the immediate need of strengthening the critical cyber infrastructure of our nation. The conference will address the current cyber security state...

International Common Criteria Conference (Orlando, Florida, USA, September 10 - 11, 2013) FBC invites you to participate in the International Common Criteria Conference (ICCC) taking place in Orlando, Florida. This is the first time since 2000 that the ICCC is taking place in the U.S. The ICCC...

Angel Venture Forum: Cyber Security & Healthcare Investment Conference (Washington, DC, USA, September 11, 2013) With the increasing adoption of cloud computing, mobile devices and web-based applications, hackers have more opportunities than ever to infiltrate and crash network systems, especially in healthcare,...

GrrCon (Grand Rapids, Michigan, USA, September 12 - 13, 2013) Says IT World, "Another hacker conference, this time in Michigan. The schedule looks to be bawdy, brash and anything but dull, with hackers promising to "pwn" you before you leave town. There are also...

cybergamut Technical Tuesday: Malware Analysis for the Masses (Columbia, Maryland, USA, September 17, 2013) With malware becoming more prevalent, and the pool of capable reversers falling short of overall need, there is a greater need to provide quick and efficient malware analysis for network defense. With...

Shaping the Future of Cybersecurity Education Workshop (Gaithersburg, Maryland, USA, September 17 - 19, 2013) The third annual Shaping the Future of Cybersecurity Education Workshop will be held at the National Institute of Standards and Technology (NIST) in Gaithersburg, MD and focus on "Navigating the National...

NovaSec! (McLean, Virginia, USA, June 13, 2013) NovaSec! is Northern Virginia's largest Cybersecurity and physical security networking event of the year. We are bringing together security professionals from commercial and government organizations with...

Strange Loop (St. Louis, September 18 - 20, 2013) Meet us in St. Louis, Sept 18-20th, 2013, to make connections with the creators and users of the languages, libraries, tools, and techniques at the forefront of the industry. Find out where we're going…and...

ISSA Cyber Security Forum at Ft Belvoir (Fort Belvoir, Virginia, USA, September 19, 2013) This event will allow personnel from Fort Belvoir the chance to learn about the latest cyber security trends, network with peers, discuss Army best practices and to view and demo some of the latest cyber...

CISO Executive Summit (Atlanta, Georgia, USA, September 19 - 20, 2013) Be on the forefront of a new global initiative where today's world-class leaders in information security will gather to navigate through international waters. Join these leaders as they follow the wind...

2013 Cyber Security Summit (New York, New York, USA, September 25, 2013) The 2013 Cyber Security Summit connects executives responsible for protecting their company's critical infrastructure with innovative product, service and solution providers. The one day event, to be...

4th Annual Cybersecurity Summit (Washington, DC, USA, September 25, 2013) GEN Keith Alexander, Commander of U.S. Cyber Command, Director of the NSA/Chief, Central Security Service and Dr. Pat Gallagher, Director, NIST are among the distinguished speakers confirmed to keynote...
