skip navigation

More signal. Less noise.

Daily briefing.

Hacktivists target media and government Websites in Syria, Saudi Arabia, and Venezuela. Forbes describes its response and recovery from last week's attack by the Syrian Electronic Army.

The circle of victims mired in an IE10 zero-day exploit—a watering-hole campaign now known as "Snowman" and widely believed to be a Chinese operation—continues to ripple outward. Snowman's principal targets appear to be US and French military and aerospace organizations. Security experts compete to give advice on staying out of watering holes.

Crowdfunding platform Kickstarter has been hacked, as unknown attackers make off with usernames, email addresses, phone numbers and passwords. The passwords are encrypted, but of course passwords can be guessed, so users are advised to change them immediately.

The Linksys vulnerability currently being exploited by "TheMoon" worm is a Home Network Administration Protocol (HNAP) bug. Linksys has a firmware patch in the works.

Russian cybergangs, evidently undeterred by risks like those on display in recent looting of Silk Road 2.0's Bitcoins, are moving to virtual currencies—only "n00bs" says the Register, use actual money any more.

2000 credentials of British retailer Tesco's customers are compromised, apparently through cross-referencing with other sites—a lesson not only in the risks of reusing credentials, but on the problems with passwords generally.

Password issues are driving both M&A and R&D. Google acquires SlickLogin for its acoustic authentication technology. ZSS-Research proposes "geographic" passwords as an easy-to-remember but hard-to-guess alternative to legacy approaches.

Iranian hacking of the US Navy may be worse than hitherto believed.

Notes.

Today's issue includes events affecting Australia, China, Colombia, European Union, France, Germany, India, Indonesia, Iran, Ireland, Republic of Korea, Peru, Russia, Saudi Arabia, South Africa, Syria, United Arab Emirates, United Kingdom, United States, and Venezuela..

Cyber Attacks, Threats, and Vulnerabilities

#opFire Anonymous operation hits Syrian and Saudi business (Cyberwarezone) Anonymous hackers have initiated an attack of several Syrian and Saudi websites, the attacks seem to target government and news websites. The #opfire operation had not been announced/slipped our eyes as there was not much media to be found on the internet regarding the #opFire operation. On Twitter there is a battlefield to be found of the targets that have been attacked by the Anonymous hackers that support #opFire

Inside Forbes: After a Digital Attack, a Story of Recovery and What It Means (Forbes) Forbes.com came under digital attack last week. It began Thursday and continued into Friday. On Twitter, the Syrian Electronic Army, supporters of Syrian President Bashar al-Assad, claimed responsibility, just as it did with attacks on Facebook, BBC News, The Washington Post, the Associated Press and others (Kickstarter was hit by still-unidentified hackers as well). Late Friday morning, Forbes received an email with a screen grab purporting to show information captured from our publishing database. The author implied the attack would stop if "fees" were paid

Syrian Electronic Army hacks Forbes, spills 1M user records — here's what you need to know (Naked Security) The SEA made off with more than a million records from the Forbes user database — perhaps including yours! — and published them online. We already "cracked" a quarter of the Forbes staffer's accounts...Paul Ducklin looks at how well everyone else's password might hold up

LulzSec Peru hacks Twitter account of Venezuela's Ruling Party against Twitter Censorship (Hack Read) World renowned hacktivists from LulzSec Peru have hacked a verified Twitter account of United Socialist Party of Venezuela (PSUV). After taking over the Twitter account, the hacktivists changed the official description of @PartidoPSUV and its profile picture. The new discretion currently reads: "Don't mess with the best. Hacked by LulzSec Peru." Softpedia reports that LulzSec Peru also posted several tweets against the government of Venezuela

Forbes Hack password shootout: Gmail vs Yahoo vs Hotmail vs AOL — whose users are the smartest? (Naked Security) Which webmail service has the smartest users? And are they getting smarter over time? Paul Ducklin tries to use the password data from the Forbes hack to find the answers

Snowman Attack Campaign Targets IE10 Zero-Day Bug (InformationWeek) Military personnel appear to be the targets of watering-hole attacks from a hacked VFW website

New IE 0-Day Used in Watering Hole Attack (Help Net Security) A new Internet Explorer 0-day exploit, apparently used by an old hacking group, was found to have been served by the compromised Veterans of Foreign Wars website. Similarities in the attack suggest the same group as that involved in operations DeputyDog and Ephemeral Hydra were behind the attack. That group is thought to emanate from China

French aerospace industry group targeted by a cyber attack (Authint Mail) Microsoft Corp's (MSFT.O) IE 10 Web browser, used to attack visitors to U.S. military veterans website, appeared to have been used earlier against French aerospace industry group GIFAS. A French aerospace industry group targeted by a cyber attack using a flaw in recent versions of Internet Explorer said on Saturday its website had not been directly attacked but that hackers had created a fake address similar to its own

Hackers Targeted Key U.S. Industries Through Compromised Websites (Nextgov) The Homeland Security Department last year alerted dozens of critical infrastructure operators that attackers might have accessed their networks by tainting external websites that personnel had visited

Security Pros Warn of Drowning in IE 'Watering Hole' Attack (CIO Today) Past versions of Microsoft's Internet Explorer have earned bad reputations for IE and news reports of new zero-days like this one for IE 10 don't help. The truth is that recently, Microsoft's Internet Explorer has had fewer issues per year than other browsers, it's just a common target due to the number of users it has, said security researcher Tyler Reguly

Two days after Patch Tuesday comes Zero Day Thursday (GFI Patch Central) Network admins who had just breathed a sigh of relief because their systems were all patched for another month — at least in relation to vulnerabilities in Microsoft software — didn't get to feel secure for long. On Thursday, they found that they had something else to worry about, as reports started coming out about a newly-discovered zero day vulnerability in some versions of Internet Explorer

Kickstarter Compromised, User Data Stolen (Threatpost) Attackers broke into the network of Kickstarter, the crowdfunding platform, and stole a variety of user data, including usernames, addresses, email addresses and encrypted passwords. Company officials didn't specify exactly how many users were affected and said that "no credit card data of any kind was accessed by hackers"

Kickstarter Apologizes for Security Breach, Advises Changing Your Password (MaximumPC) Hackers stole customer data from Kickstarter's database

Is Kickstarter's cyber attack the worst data theft yet? (RYOT) Online fundraising site Kickstarter says hackers got some of its customer data. Kickstarter co-founder Yancey Strickler said in a blog post that hackers accessed usernames, email addresses, phone numbers and passwords. The passwords are encrypted, but the company said it's possible for a hacker to guess a weak or obvious password. It recommended that users change their passwords

Linksys vuln confirmed as a HNAP1 bug (The Register) Router-maker's pants pulled down by 'moon' malware

Linksys Is Preparing Firmware Fix to Protect Users Against "TheMoon" Worm (Softpedia) The SANS Institute's Internet Storm Center has issued a warning about a worm that targets certain Linksys routers. Dubbed "TheMoon" because it contains images from the movie with the same name, the threat is designed to exploit a vulnerability in the devices in order to spread

More on HNAP — What is it, How to Use it, How to Find it (Internet Storm Center) We've had a ton of discussion on the most recent set of home router vulnerabilities based on the HNAP protocol. But what is the HNAP protocol for, and why is it so persistently enabled?

Exploit released for vulnerability targeted by Linksys router worm (IT World) Technical details about a vulnerability in Linksys routers that's being exploited by a new worm have been released Sunday along with a proof-of-concept exploit and a larger than earlier expected list of potentially vulnerable device models

The Moon router worm. Your anti-virus has probably been updated to detect it, but won't protect you (Graham Cluley) Late last week news emerged of a worm that was spreading between Linksys routers

Kaspersky report 'flawed': Absolute Software (ARN) Anti-theft software firm rubbishes report claiming their software poses cybersecurity risk

Tesco has suspended online customers account after cyber attack target (CLockendview) More than 2,000 online customer accounts has suspended by Supermarket monster Tesco,after cyber thieves use login information published on the Internet to steal Clubcard vouchers

Are consumers or Tesco to blame for latest cyber-breach? (ProSecurityZone) 2000 Tesco customers have had their accounts compromised after their credentials were cross-referenced from other sites. Retailer Tesco has come under criticism for a security problem relating to over 2000 of its online customers. The login credentials were discovered and published on a sharing site and have since been reset. However, the Tesco.com site itself hadn't been hacked, the credentials were uncovered on other sites and used to see if they corresponded to Tesco login details

Experts question security used in Target breach (CSO) Security experts determining whether third-party vendor had too much access to Target's point of sale systems

Target 'Brushed Off' Security Concerns 2 Months Before 40 Million Credit Card Numbers Were Stolen (Business Insider via the Greenwich Time) Target ignored a request for a more thorough review of security on its point-of-sale systems two months before a hacker stole 40 million credit card numbers from the retailer

Target data breach could result in phishing scams (The Star Press) If you did any Christmas shopping at Target, you've probably had at least twinges of concern with each new report of the fallout from hackers having stolen credit and debit card information from the store's files during that period

300,000 users affected by premium-SMS sending apps from Google Play (Help Net Security) Panda Security has identified malicious apps on Google Play that can sign users up to premium SMS subscription services without their permission. These new threats have been able to infect at least 300,000 users so far, although the number of malicious downloads could have reached 1,200,000

Silk Road 2.0 emptied out by a hole in its Bitcoin pocket (Naked Security) With three other Silk Road copycat sites having run off with users' funds since the original Silk Road was shut down, the dark web is turning into a glum place to shop for drugs, firearms and forged IDs

Phishing Alert: Dutch Internet Users Targeted with Fake Rabobank Notifications (Softpedia) Users in the Netherlands are advised to be on the lookout for fake Rabobank emails pointing to a phishing site. The emails carry the subject line "SEPA: bent u al over ? Wacht niet langer en kom in actie!" and they purport to come from an iban.nl email address

DDOS Attack on CloudFlare Customer Larger than Spamhaus (CSO Salted Hash) According to an aftermath report released on Thursday, the DDoS attack against an unknown CloudFlare customer used a fraction of the resources to generate 33% more traffic than what was used to attack Spamhaus

Russian cybercrooks shun real currencies, develop private altcoins (The Register) Only n00bs need real-world cash in the cryptocurrency era

Opposition to care.data grows as NHS suffers two million "serious data breaches" since 2011 (Computing) The new, centralised NHS patient records database could be vulnerable to hackers and used to identify patients, according to leaked Privacy Impact Assessment documents from the Health and Social Care Information Centre (HSCIC), the quango responsible for implementing the project

Next-Gen Malware Developed with AutoIt Scripting Language (Seculert) As reported by Infosecurity magazine, Trend Micro researchers are warning organizations to be on the alert for next-gen malware developed with AutoIt: a flexible freeware scripting language used to automate the Windows GUI and other general scripting

More Malware Embedded in RTFs (TrendLabs Security Intelligence Blog) RTF (Rich Text Format) files have been used before by cybercriminals, but of late it seems their use of this format is becoming more creative

Muslim Directory hacked, 38,903 User Credentials Leaked (Cyber War News) A hacker using the handle @th3inf1d3l has today announced an leak of data from … resulting in 38,903 User credentials being leaked online

Hacker Removed Mark Zuckerberg's Facebook Timeline Cover Photo (Hacker News) Something unusual happened today, Mark Zuckerberg's Facebook Timeline Cover Photo is removed, as shown in the above Screenshot

Bogus Evernote alert leads to exploit kit (Help Net Security) Evernote users are being actively targeted with an email spam campaign that tries to trick them into following a malicious link

Google Chrome, Firefox face threat of cyber attack in India (Gulf Today) Multiple vulnerabilities have been detected in popular web browsers Google Chrome and Mozilla Firefox and cyber security sleuths have advised Internet users in the Indian cyberspace to guard against arbitrary activities on their systems

Valve DNS privacy flap exposes the murky world of cheat prevention (Ars Technica) Company denies any breach of privacy, as angry gamers cry foul

Abusing Cloud Services for Cybercrime (Dark Reading) At the upcoming RSA conference, researchers will discuss how a lack of anti-automation protections allow attackers to take advantage of free cloud services

Bank of the West Acknowledges Data Breach (eSecurity Planet) Job applicants' user names, passwords, names, Social Security numbers, driver's license numbers and birthdates may have been accessed

NTP reflection attacks continue (Internet Storm Center) As we discussed here back in January, there has been a significant rise in large Network Time Protocol (NTP) reflection DDoS attacks. In such an attack, an attacker sends a crafted packet that requests a large amount of data that is ultimately sent to the spoofed host

Security firm moves to correct 'inaccuracies' over GSOC (Irish Times) Verrimus says it is impossible that mobile phones used by its staff were source of fake code

Cyber Trends

Security Professionals Lack Compatible Tools To Prevent Cyber Attacks: Report (CruxialCIO) IT security professionals need more compatible tools and a faster response to cyber attacks, according to a new report by the Ponemon Institute

Most security pros concerned about missing threats between vulnerability scans (Help Net Security) Continuous monitoring, whose roots lie with the U.S. government, addresses many of the challenges faced by traditional vulnerability management solutions and offers CISOs and security leaders across sectors a near real-time view into the security posture of their respective institutions

Cyber attacks on the 'Lawfare' national security law website (Volokh Conspiracy at the Washington Post) Many Volokh Conspiracy readers, I imagine, have probably heard of the national security law and policy website Lawfare, or perhaps have read it occasionally. It has emerged as the most important, go-to site for national security law and policy, widely followed by journalists, academics, and government officials, particularly in the Defense Department and intelligence community. It has helped inspire some of the other leading websites offering commentary on national security law — Just Security, for example

Exploring the complexity of modern cyber attacks (Help Net Security) What are the main challenges in balancing a growing security architecture with emerging threats, while at the same time justifying ROI to the management? There are at least two primary challenges to balancing a growing security architecture against emerging threats

South Africa loses R3.42bn to cyber crime (ITWeb) South Africans are feeling the effects of an increase in cyber crime, collectively costing victims over R3.42 billion rand over the past 12 months, according to Symantec's 2013 Norton report

Pastebin publishes over 300,000 hacked account details in 12 months (Graham Cluley) The security researchers at High-Tech Bridge have been taking a close look at Pastebin.com, a site which is used legitimately by programmers to share code — but also popular with hackers who wish to anonymously dump stolen data to provide evidence of a successful breach

Data Breach Roundup: January 2014 (eSecurity Planet) Many data breaches that occurred in January highlight the importance of user education. Knowledgeable users are less likely to engage in behavior that poses security risks

Marketplace

Why did Google acquire sound login startup SlickLogin? Because security needs to be simple (VentureBeat) With security breaches on the rise, and the seemingly persistent inability for humans to create and remember secure passwords, it's clear that we need another solution for our ongoing security needs

Bit9 and Carbon Black Merge to Deliver New Level of Prevention, Detection and Response against Cyber Threats (IT News Online) Bit9, the leader in advanced threat protection for endpoints and servers, today announced it has merged with Carbon Black, a next-generation security company with an architecture that enables rapid installation on every enterprise endpoint and server and delivers "incident response in seconds." The combined entity, which retains the Bit9 name, is the only company that prevents and detects advanced threats on endpoints and servers and provides incident response in seconds

Kevin Mandia: Why selling Mandiant made sense (CNN Money) The cybersecurity pioneer explains why merging the two top security firms was in everyone's best interest

Tony Cole on FireEye's Mandiant Acquisition, Nature of Cyber Threats (ExecutiveBiz) Tony Cole serves as vice president and global government chief technology officer at FireEye, where he works with public sector agencies and other systems integrators to gain knowledge of the global cyber threat landscape and adapt enterprise approaches to address the threats

FireEye launches a new platform and details Mandiant integration (Silicon Angle) To anyone that doesn't invest in them, follow security technology stories much or the big race between these guys, Cisco, Palo Alto Networks and a few others — a name like FireEye may sound like whatever is happening to Bob Costas lately

Samsung Snags Army Contract, Weakens BlackBerry Ltd's 'Security' Thesis (Value Walk) Samsung has won a major order for smartphones from the US Army, and looks like it will get another one from the National Security Agency, undercutting what is supposed to be BlackBerry Ltd (NASDAQ:BBRY) (TSE:BB)'s main competitive advantage — telecom security. Samsung already had a contract with the US Army, a chest-mounted smartphone called the Note II, but this significantly expands the program and it would mark the first time Samsung sold smartphones to the NSA's Fishbowl Project

Behavioural analysis and continuous monitoring deployment (ProSecurityZone) Navis has taken the IDS-6300 intelligent security appliance from DB Networks for behavioural analytics and coninuous monitoring

Products, Services, and Solutions

FireEye Introduces Endpoint Threat Detection & Response Capabilities for FireEye Security Platform (IT Business Net) FireEye, Inc. (Nasdaq:FEYE), the leader in stopping today's advanced cyber attacks, today introduced FireEye® Endpoint Threat Prevention™ for the FireEye Security Platform. The new solution, which incorporates endpoint products acquired from Mandiant, is designed to enable security teams to resolve security incidents in a fraction of the time it takes using conventional approaches that knit together endpoint and network-detection capabilities from multiple vendors

Enterprising research IDs zero day malware (CRN) Bird's eye view spots attacks on large networks. A team of researchers have developed a novel and effective approach to identify zero-day malware by its attempts to evade traditional security defences

Technologies, Techniques, and Standards

U.S. Gives Cybersecurity Advice to Critical Infrastructure Operators—But No Rules (IEEE Spectrum) The U.S. government, finally realizing that it has to take action to ensure a minimum level of cybersecurity in networks that manage the nation's energy, water and financial services, presented the Framework for Improving Critical Infrastructure Security on Wednesday

Origins of the NIST cybersecurity framework, encryption standards (TechTarget) An expert says the NIST cybersecurity framework and encryption standards resulted from a thorough public vetting process

The changing face of advanced malware detection (TechTarget) In the escalating arms race against advanced malware, many organizations require defenses to protect enterprise networks in real time that go beyond desktop endpoint virus scanners and network-based intrusion prevention products

Tor networks: Stop employees from touring the deep Web (TechTarget) Interest in the deep Web exploded in 2013 as international headlines broadcast the unexpected reach of National Security Agency's mass surveillance programs, and the made-for-Hollywood story unfolded of the Silk Road website and arrest of its alleged proprietor, "Dread Pirate Roberts"

Yes, Online Privacy Really Is Possible (Slate) A few short weeks ago, we were conducting a security training for a group of journalists in Palestine. The journalists were deeply aware of the potential threats facing them—and by not one, but three governments—but didn't have the first idea of how to mitigate against those threats. "It's too confusing!" claimed one, while another said it was futile

Why marketing principles can help a security awareness program succeed (TechTarget) Veteran CISO Ernie Hayden offers ideas from the realm of marketing to help spread security awareness like a virus -- but in a good way

Three ways to raise infosec awareness among non-security executives (TechTarget) Low infosec awareness among C-level execs can hurt security funding. Expert Joseph Granneman details three ways that CISOs can raise that awareness

Why security should monitor social media to prevent violence (CSO) Behavior on social media can offer clues to potential threats of violence against an organization and its employees. Here are some tips for why and how security managers can keep an eye on social media to mitigate future problems

Why you shouldn't Gmail ZIP files with a password of 'infected' (Graham Cluley) In the old days (and hopefully still today), malware researchers used to securely encrypt their virus collections using a tool like PGP to make sure that it didn't fall into the wrong hands en route, and could only be decrypted by the person to whom they intended to send it

Admin rights key to mitigating vulnerabilities, study shows (ZDNet) By running users under standard, non-admin accounts, IT can prevent a very high percentage of Microsoft vulnerabilities from being exploited

Research and Development

Security test researcher funded by US Department of Homeland Security (TechTarget) The U.S. DHS is funding Dan Cornell's efforts to improve hybrid analysis of results of various different security testing tools

Geographical passwords as a solution to the password problem (Help Net Security) The massive data breaches that happened in the last few years have proven beyond doubt that the text password authentication method has many flaws

Academia

Naval Academy plans to break ground on $120 million cyber center in 2016 (Capital Gazette) The Naval Academy is asking for $120 million to build a 206,000-square-foot cyber security training facility on the Yard

Monty Tech 'Cyber Warriors' excel in competition (Worcester Telegram) It is estimated that more than 70 million people were affected by the recent breach in security through the Target store chain, and while the event was epic in its proportions, infractions just like it happen every second of the day

Legislation, Policy, and Regulation

Merkel and Hollande Propose a European Internet (InfoSecurity Magazine) News outlets, such as the BBC, are reporting that Germany's Chancellor Angela Merkel "is proposing building up a European communications network to help improve data protection" and prevent European emails and other data passing through the United States where it can be, and has been, harvested by the NSA

After US squashes no-spy hopes, European leaders discuss ways to protect citizens' data (Gigaom) German Chancellor Angela Merkel has thrown her weight behind the idea of keeping European online communications within Europe where possible

Ex-German chancellor Schroeder surprised at NSA spying on Merkel (Voice of Russia) Gerhard Schroeder, a former German Chancellor, now says he was surprised to hear that the United States National Security Agency, or NSA, spied on his country's current head of government after he left office almost a decade ago

Cybersecurity Act Awaiting Approval In Congress (Inquisitr) The National Cybersecurity and Critical Infrastructure Protection Act (HR3696) was introduced in Congress as the power grid attacks of 2013 finally filtered into the American consciousness. The cyber security legislation is supposed to allow communications integration centers within the Department of Homeland Security to offer real time cyber threat information

Spy Chief: We Should've Told You We Track Your Calls (The Daily Beast) The U.S. government long considered its collection of Americans' call records to be a state secret. Now the Director of National Intelligence admits it would have been better if Washington had acknowledged the surveillance in the first place

Let the NSA Keep Hold of the Data (Slate) Giving it to private companies will only make privacy intrusion worse

What can unite liberals and tea partyers? The NSA (AP) Hoyt Sparks says he has no use for liberal Democrats and their "socialistic, Marxist, communist" ways. Toni Lewis suspects tea party Republicans are "a bunch of people who probably need some mental health treatment"

Confessions of an Edward Snowden apologist (The Week) I've been away for some (successful) surgery, and perhaps the painkiller withdrawal, associated with mood swings, has got me thinking very carefully about what folks who are fascinated by the National Security Agency surveillance debate are really thinking about

Former NPS chief nominated to head Navy Cyber Command (Monterey Herald) Jan Tighe nominated to head Navy Cyber Command

Cyber Warfare and Information Security for India (Eurasia Review) Security analysts are predicting that 2013 is when nation-sponsored cyber warfare goes mainstream — and some think such attacks will lead to actual deaths

Litigation, Investigation, and Law Enforcement

Iranian Hacking to Test NSA Nominee Michael Rogers (Wall Street Journal) Iran's infiltration of a Navy computer network was far more extensive than previously thought, according to officials, and the officer who led the response will likely face questions about it from senators weighing his nomination as the next head of the embattled National Security Agency. It took the Navy about four months to finally purge the hackers from its biggest unclassified computer network, according to current

More NSA officers implicated with Snowden (SBS) Two more officials have been barred from the US National Security Agency after being implicated in Edward Snowden's theft of classified documents

Indon trade spying report to test Abbott (news.com.au) Prime Minister Tony Abbott's claim that Australian intelligence gathering is done chiefly to save lives is being tested, with reports of spying on Indonesian-US trade talks over shrimp

America's National Security Agency refuses to comment on Australian spy reports (Australian Broadcasting Corporation) America's intelligence agency, the National Security Agency (NSA), has refused to comment on the latest leak of top secret documents which appear to implicate Australian spies

Spying by N.S.A. Ally Entangled U.S. Law Firm (New York Times) The list of those caught up in the global surveillance net cast by the National Security Agency and its overseas partners, from social media users to foreign heads of state, now includes another entry: American lawyers

Is the NSA Spying on U.S. Lawyers? (Slate) Implications of NSA surveillance got a shot in the arm this weekend as the New York Times revealed that an American law firm was monitored while representing a foreign country during a trade dispute with the U.S. A top secret document provided by Edward Snowden was behind the discovery and fuels concerns that confidential attorney-client communications may be vulnerable to spying

Did the NSA really help spy on U.S. lawyers? (Volokh Conspiracy at the Washington Post) The front page of the Sunday New York Times features a new Snowden-based story that looks, at first blush, like a really big deal. Authored by James Risen and Laura Poitras, the story opens with considerable drama by suggesting that the NSA is spying on U.S. lawyers

Ron Paul starts Snowden clemency petition (Seattle Times) Former GOP congressman and presidential candidate Ron Paul has started a petition drive to pressure the Obama administration to grant clemency to former National Security Agency contractor Edward Snowden, who is charged with espionage over leaks about the government's surveillance programs

Colombian military intelligence hacks communication between journalists and FARC in Cuba (Knight Center for Journalism in the Americas) During peace negotiations with the Revolutionary Armed Forces of Colombia (FARC), the Colombian government spied on communications between the group's spokespeople and international journalists who were covering the events, Univisión reported

Reporting based on NSA leaks wins Polk Award (AP via the Washington Post) Four journalists who reported on the extent of the National Security Agency's secret surveillance based on documents leaked by Edward Snowden are among the winners of the 65th annual George Polk Awards in Journalism

Exposing dark side of Net a full-time job (Boston Globe) In the last year, Eastern European cybercriminals have stolen Brian Krebs's identity a half-dozen times, brought down his website, included his name and some unpleasant epithets in their malware code, sent fecal matter and heroin to his doorstep, and called a SWAT team to his home — just as his mother was arriving for dinner

Second hacker charged in Koch Industries attack (Wichita Business Journal) A second member of the hacking group Anonymous has been sentenced for disrupting the website for Angel Soft toilet paper as part of a cyber attack on Wichita-based Koch Industries

South Korea punishes three credit card firms over data heist (Naked Security) South Korean regulators have fined three credit card companies and banned them from issuing new credit cards for three months in the wake of the country's largest-ever data theft last month

Evidence Mounts Against Piers Morgan in Phone Hacking Investigation (Breitbart) On Friday it was revealed that the CNN host and former editor of the Daily Mirror newspaper, Piers Morgan, had been interviewed under caution by police investigating phone hacking. Officers from Operation Golding will have wanted to talk to Morgan about his now infamous claim that "I have never hacked a phone, told anyone to hack a phone, or published any stories based on the hacking of a phone"

[AT&T] Transparency Report (AT&T) We take our responsibility to protect your information and privacy very seriously, and we pledge to continue to do so to the fullest extent possible and always in compliance with the law of the country where the relevant service is provided. Like all companies, we must provide information to government and law enforcement agencies to comply with court orders, subpoenas, lawful discovery requests and other legal requirements. We ensure that these requests are valid and that our responses comply with the law and our own policies

CyberSecurity Innovation Forum (Fairfax, Virginia, USA, February 20, 2014) Join us for a series of short case study presentations by cybersecurity experts and technology innovators from throughout the region. Presentations will be followed by a panel discussion with plenty of opportunity for discussion and discovery. The focus of the evening will be on cybersecurity innovations that address current and evolving challenges and have had a real, measurable impact

NovaSEC! Pre-RSA Rally (McLean, Virginia, USA, February 19, 2014) This unique forum allows participants to meet, interact on key issues and provide a unified forum to network with likeminded individuals and creates an opportunity to cultivate a strong and integrated community that demonstrates the Northern Virginia region's size, scope and impact on the Country's cyber landscape. This particular event will take place one week before the annual RSA Conference in San Francisco. We view this as an opportunity for security professionals to network and discuss current security topics that will be highlighted at the RSA Conference. Plenty to talk about in 2014 for sure! So whether you are going to RSA or not this is the place to connect socially with your peers

FBI HQ Cloud Computing Vendor Day (Washington, DC, USA, February 19, 2014) As part of its FAR mandated market research efforts and in order to keep FBI employees informed of new products, technologies and services available in the industry, ITED has been tasked with organizing four 'Vendor Days' a year focusing on technology that can enhance current IT capabilities. These market research events will enhance exposure for all Department of Justice (DOJ)/Federal Bureau of Investigation (FBI) employees to new products and services and to have an opportunity to interact directly with the industry. Vendor days are for demo purposes only and are designed to facilitate FBI market research efforts. Attending vendors shall make all inquiries concerning pending or future FBI requirements to the cognizant FBI contracting officer

New FFIEC Guidelines on Social Media: 3 Things You Need to Know (Webinar, February 19, 2014) We'll take an in-depth look at the new Federal Financial Institutions Examination Council (FFIEC) guidelines on social media and consumer compliance risk, and how they may impact your organization. We'll break down nearly 20 pages of dense government material, distilling the key topics for legal, compliance, risk and finance professionals

Free OWASP Training and Meet Up (San Francisco, California, USA, February 24, 2014) OWASP is hosting a special security boot camp for all conference-goers: RSA Conference, Bsides SF, and TrustyCon as well as local developers. The training is recommended for developers who want to learn more about securing their code as well as security professionals who want to become acquainted with the latest web vulnerabilities

RSA Conference USA (San Francisco, California, USA, February 24 - 28 2014) Hundreds of game-changing interactions will give you an unparalleled diversity of industry insight and information based on best practices, real implementation stories, and detailed case studies. Each year, educational sessions feature new and returning educational tracks you won't find anywhere else

Nellis AFB Technology & Cyber Security Expo (Las Vegas, Nevada, USA, February 26, 2014) For over 12 years, the Armed Forces Communications & Electronics Association (AFCEA) - Las Vegas Chapter and FBC have been co-hosting the Annual Information Technology Expo at Nellis AFB. As was the case last year, the 2014 event will once again have a Cyber Security theme. This is an excellent opportunity for any technology or cyber company to meet with the personnel at Nellis AFB, as well as the local AFCEA members

Cloud Expo Europe (London, England, UK, February 26 - 27 2014) Cloud Expo Europe covers everything from hybrid cloud to software defined networks and data centres, from open source cloud to IaaS, from security and governance to cloud applications and from complex hosting to development platforms

Suits and Spooks Security Town Hall (San Francisco, California, USA, February 27, 2014) Privacy versus Security: An Informed Debate and Discussion to Raise Industry Awareness. Taia Global and our sponsoring companies are hosting our first Suits and Spooks Security Town Hall at the Ritz Carlton San Francisco on February 27, 2014 (7pm-10pm). We are condensing the Suits and Spooks two-day "collision" model into a 3-hour debate and discussion format to help raise awareness about the complexities involved in balancing security objectives with our privacy rights

Trustworthy Technology Conference (San Francisco, California, USA, February 27, 2014) Join us for the first Trustworthy Technology Conference, to be held on 27 February 2014 at the AMC Metreon Theatre in San Francisco, California. We welcome all security researchers, practitioners and citizens who are interested in discussing the technical, legal and ethical underpinnings of a stronger social contract between users and technology

Creech AFB Technology & Cyber Security Expo (Indian Springs, Nevada, USA, February 27, 2014) The Armed Forces Communications & Electronics Association (AFCEA) - Las Vegas Chapter, with support from the 432d Wing, will host a Cyber Security Awareness Day & Technology Expo at Creech AFB. This is an excellent opportunity for technology, cyber and tactical technology companies to meet with remote personnel at Creech AFB. At the 1st Annual event held in February 2013 over 100 Creech AFB personnel attended this event. Some of their job descriptions included: Commander, Flight Chief, Communications Officer in Charge, IT Lead, Systems Admin, Wing Training, Information Assurance Officer, Knowledge Management, Section Chief, Avionics, Physical Security, Project Manager, Director and more

Nuclear Regulatory Commission ISSO Security Workshop (Rockville, Maryland, USA, March 17, 2014) Exhibitors will have the opportunity to showcase cutting-edge products and services available in today's market. All companies specializing in products and services that would benefit the NRC workforce are encouraged to exhibit at this one-day expo. Topics of the workshop and of high interest to attendees include: computer security policy, standards and guidance, cybersecurity, FISMA compliance, and training updates

ICS Summit 2014 (Lake Buena Vista, Florida, USA, March 17 - 18 2014) The 9th Annual North American ICS Security Summit brings together the program managers, control systems engineers, IT security professionals and critical infrastructure protection specialists from asset owning and operating organizations along with control systems and security vendors who have innovative solutions for improving security

27th Annual Federal Information Systems Security Educators' Association (FISSEA) Conference (Gaithersburg, Maryland, USA, March 19, 2014) The 27th Annual Federal Information Systems Security Educators' Association (FISSEA) Conference will be held at the National Institute of Standards and Technology on March 18-20, 2014, exhibits will be on display March 19 only. This year's theme "Partners in Performance: Shaping the Future of Cybersecurity Awareness, Education, and Training" will focus on developing a better understanding of current information systems/cybersecurity projects, emerging trends, and initiatives. Through numerous high quality sessions, approximately 200 attendees will learn new ways to improve their IT security program and practical solutions to training problems while earning Continuing Professional Education (CPE) credits. The vendor fair gives attendees a tactical look at the products and services available to meet their professional goals

Suits and Spooks Singapore (Singapore, March 20 - 21 2014) Our first international Suits and Spooks conference will be held in Singapore with a visit to Malaysia on March 20-21, 2014. The focus will be on how multi-national corporations can profitably operate in a globally hostile environment that consists of foreign intelligence collection, mercenary hacker crews, insider threats, and supply chain/vendor vulnerabilities. Our international list of speakers will discuss who the threat actors are, what they're after, and best practices to mitigate the risks

MCT-Congress: Going Mobile with Clinical Trials (Edinburgh, Scotland, UK, March 20 - 21 2014) It is almost inevitable that mHealth solutions will be adopted across healthcare systems worldwide over the next decade. What is less clear is the impact that mobile solutions are having and could have on the clinical research process

Veritas 2014 (London, England, UK, March 25 - 27 2014) At Veritas 2014, hear directly from the big data experts in top tier retail finance who are now implementing strategy and starting to yield real commercial value. Experts dedicated to Big Data in the sector will show you how the right approaches can lead to far-reaching results in business model innovation, risk mitigation and identifying new revenue streams. See how Veritas 2014 will help you develop your big data implementation strategy

Cyber Security Management for Oil and Gas (Houston, Texas, USA, March 26 - 27 2014) Attend to gain cutting-edge information from oil and gas cyber security experts on: Using the very latest in intelligence techniques to find and neutralize the newest threats in time. Preventing security breaches while ensuring your employees, social media and mobile devices operate effectively. Implementing best practices in order to achieve and maintain SCADA and other key systems security. How a "critical infrastructure" designation would impact different aspects of oil and gas cyber security management

SyScan 2014 (Singapore, March 31 - April 4 2014) SyScan is a deep knowledge technical security conference. It is the aspiration of SyScan to congregate in Asia the best security experts in their various fields, to share their research, discovery and experience with all security enthusiasts in Asia

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

CyberSecurity Innovation Forum (, January 1, 1970) Join us for a series of short case study presentations by cybersecurity experts and technology innovators from throughout the region. Presentations will be followed by a panel discussion with plenty of...

NovaSEC! Pre-RSA Rally (, January 1, 1970) This unique forum allows participants to meet, interact on key issues and provide a unified forum to network with likeminded individuals and creates an opportunity to cultivate a strong and integrated...

FBI HQ Cloud Computing Vendor Day (, January 1, 1970) As part of its FAR mandated market research efforts and in order to keep FBI employees informed of new products, technologies and services available in the industry, ITED has been tasked with organizing...

New FFIEC Guidelines on Social Media: 3 Things You Need to Know (, January 1, 1970) We'll take an in-depth look at the new Federal Financial Institutions Examination Council (FFIEC) guidelines on social media and consumer compliance risk, and how they may impact your organization. We'll...

Free OWASP Training and Meet Up (San Francisco, California, USA, February 24, 2014) OWASP is hosting a special security boot camp for all conference-goers: RSA Conference, Bsides SF, and TrustyCon as well as local developers. The training is recommended for developers who want to learn...

RSA Conference USA (San Francisco, California, USA, February 24 - 28, 2014) Hundreds of game-changing interactions will give you an unparalleled diversity of industry insight and information based on best practices, real implementation stories, and detailed case studies. Each...

Nellis AFB Technology & Cyber Security Expo (, January 1, 1970) For over 12 years, the Armed Forces Communications & Electronics Association (AFCEA) - Las Vegas Chapter and FBC have been co-hosting the Annual Information Technology Expo at Nellis AFB. As was the case...

Cloud Expo Europe (, January 1, 1970) Cloud Expo Europe covers everything from hybrid cloud to software defined networks and data centres, from open source cloud to IaaS, from security and governance to cloud applications and from complex...

Suits and Spooks Security Town Hall (, January 1, 1970) Privacy versus Security: An Informed Debate and Discussion to Raise Industry Awareness. Taia Global and our sponsoring companies are hosting our first Suits and Spooks Security Town Hall at the Ritz Carlton...

Trustworthy Technology Conference (, January 1, 1970) Join us for the first Trustworthy Technology Conference, to be held on 27 February 2014 at the AMC Metreon Theatre in San Francisco, California. We welcome all security researchers, practitioners and citizens...

Creech AFB Technology & Cyber Security Expo (, January 1, 1970) The Armed Forces Communications & Electronics Association (AFCEA) - Las Vegas Chapter, with support from the 432d Wing, will host a Cyber Security Awareness Day & Technology Expo at Creech AFB. This is...

Nuclear Regulatory Commission ISSO Security Workshop (, January 1, 1970) Exhibitors will have the opportunity to showcase cutting-edge products and services available in today's market. All companies specializing in products and services that would benefit the NRC workforce...

ICS Summit 2014 (Lake Buena Vista, Florida, US, March 17 - 18, 2014) The 9th Annual North American ICS Security Summit brings together the program managers, control systems engineers, IT security professionals and critical infrastructure protection specialists from asset...

27th Annual Federal Information Systems Security Educators' Association (FISSEA) Conference (, January 1, 1970) The 27th Annual Federal Information Systems Security Educators' Association (FISSEA) Conference will be held at the National Institute of Standards and Technology on March 18-20, 2014, exhibits will be...

Suits and Spooks Singapore (, January 1, 1970) Our first international Suits and Spooks conference will be held in Singapore with a visit to Malaysia on March 20-21, 2014. The focus will be on how multi-national corporations can profitably operate...

MCT-Congress: Going Mobile with Clinical Trials (Edinburgh, Scotland, UK, March 20 - 21, 2014) It is almost inevitable that mHealth solutions will be adopted across healthcare systems worldwide over the next decade. What is less clear is the impact that mobile solutions are having and could have...

Veritas 2014 (, January 1, 1970) At Veritas 2014, hear directly from the big data experts in top tier retail finance who are now implementing strategy and starting to yield real commercial value. Experts dedicated to Big Data in the...

Cyber Security Management for Oil and Gas (, January 1, 1970) Attend to gain cutting-edge information from oil and gas cyber security experts on: Using the very latest in intelligence techniques to find and neutralize the newest threats in time. Preventing security...

SyScan 2014 (Singapore, March 31 - April 4, 2014) SyScan is a deep knowledge technical security conference. It is the aspiration of SyScan to congregate in Asia the best security experts in their various fields, to share their research, discovery and...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.