skip navigation

More signal. Less noise.

Daily briefing.

The Sochi Olympics (opening on February 7) continue to attract the attention of hacktivists, cybercriminals, and the security organs that work against them. Private security firms are heavily involved in preparations.

The Target data breach, for all of the ingenuity and effectiveness with which it was executed, appears to have employed what Forbes calls "bargain-basement malware": the BlackPOS exploit kit, available on the black market for $1800. BlackPOS is generally thought to be of Russian origin, but given its widespread availability this provenance is of limited use in attribution. The mechanism of infection also remains unclear.

Target's payment processing contractors probably face fines.

Neiman Marcus, the other known victim, is now the subject of a class-action lawsuit. Banks are seeing patterns of fraudulent card use that strongly suggest other compromised retailers.

Cisco patches three vulnerabilities in its Secure Access Control System.

Security worries slow enterprise cloud migration, but malware distributors show little compunction, increasingly hosting their wares in public clouds (especially Amazon and GoDaddy).

Recent data breaches have spurred business purchases of cyber insurance. Analysts differ over the effect of a recent US net neutrality court decision. Google buys security start-up Impermium. Google's recent purchase of Nest may be more about the consumer data Nest collects than about home automation. Privacy concerns have helped search engine DuckDuckGo gain users.

NIST will release its cyber security framework in the US next month; close scrutiny is expected.

Few observers expect US President Obama to announce significant surveillance policy changes in tomorrow's speech.


Today's issue includes events affecting China, European Union, France, India, Indonesia, Japan, Kenya, Republic of Korea, Democratic People's Republic of Korea, Pakistan, Philippines, Russia, Singapore, Syria, Turkey, United Kingdom, United States..

Monday is Martin Luther King Day, and the CyberWire will observe the holiday with a one-day hiatus.

Cyber Trends

Closing time for the open Internet (The New Yorker) Since 1970 or so, carriers like A. T. & T. and Verizon have been barred from blocking or degrading whatever is transported over their lines. Although, at the time, the rule primarily concerned long-distance voice calls, that principle, applied to the Internet, has become known more recently as net neutrality. It offers a basic guarantee: that content providers on a network—whether it be YouTube, Wikipedia, or bloggers—can reach their users without worrying about being blocked, harassed, or forced to pay a toll by the carrier. Policing that rule in its various guises has been a core mission of the Federal Communications Commission for the past four decades—and keeping carriers away from Internet content has been among the F.C.C.'s most successful policy initiatives since its creation, in 1934. It is the Magna Carta of the Web; today, there's not a tech firm or a blog that doesn't owe something to the open, unblocked Internet

Opinion: The Internet of dumb, nasty things is on the way (TechTarget ChannelMedia) Machines: We can't live without them, but they're about to gang up on us and do us in, judging by data released by Ovum. Nick Booth is worried

Manufacturing, Energy: Targeted Attacks Growing (Industrial Safety and Security Source) The manufacturing and energy sectors are in the top five industries for targeted attacks, a new whitepaper said

Cyberwar increasingly defined by espionage and regional conflicts, argues FireEye (ComputerWorld) The world is still in the foothills of the cyberwar era but already online confrontation is being defined by an unstable and possibly dangerous mixture of proxy conflicts and old-fashioned espionage mixed with lower-level digital activism, security firm FireEye has said

Malware makers turn to cloud (ZDNet) The cloud is becoming an increasingly appealing place for malware distributors to host their code

Amazon and GoDaddy are the biggest malware hosters (Help Net Security) The United States is the leading malware hosting nation, with 44 percent of all malware hosted domestically, according to Solutionary. The U.S. hosts approximately 5 times more malware than the

Security concerns are still holding back cloud adoption (Help Net Security) There are significant differences in public cloud infrastructure concerns between the cloud-wise, organizations that are currently using cloud services, and the cloud-wary, organizations that are not

Data transparency moves increase cyber-attack risks (Pharma Times) The drive for transparency of clinical-trial data in the pharmaceutical industry and associated sectors will inevitably increase the vulnerability of data networks to cyber-attacks, warns a hacking expert at professional services organisation Ernst & Young

Internet security New Year's resolutions: Europe needs to wise up on mobile and Mac insecurity (TechNews) A startling proportion of Europeans still believe their systems are completely safe to use without any security software, with many convinced their smartphones and Macs don't need any protection


Attacks spur surge in cyber insurance sales (Financial Times) Sales of "cyber insurance" policies have surged almost a third at AIG, the biggest standalone insurer in the US, as companies seek to protect themselves from a growing onslaught of cyber attacks and data breaches

Net Neutrality Change Already Turns Some Companies Into Winners (24/7 Wall Street) Verizon Communications Inc. (NYSE: VZ) is on the winning end of an argument about Net Neutrality. A US appeals court has overturned certain aspects of the so-called Net Neutrality laws, which effectively required Internet service providers to treat all web traffic equally without regard to the source. The court ruled that the FCC does not have the right to force providers to force carriers to be neutral

By winning on net neutrality, US internet service providers may really have lost (Quartz) Today, Netflix shares are falling, and one reason for the sell-off is yesterday's US court decision overthrowing "net neutrality" rules—but investors may be acting prematurely

Security startup Impermium joining Google (NetworkWorld) Google expects Impermium to fit in with Google's own spam and abuse teams

What Google can really do with Nest, or really, Nest's data (Ars Technica) Hint: it's not home automation. Google's acquisition of Nest for $3.2 billion this week has been heralded as the company's big move into home automation. Nest has made overtures about customer privacy, but given the size and profitability of its new owner's advertising and personal data business, the new relationship needs a closer examination

IDA-FireEye collaboration to boost cyber security in S'pore (Channel NewsAsia) Cyber security in Singapore will get a boost with the opening of a centre dedicated to developing expertise in the area. To staff the centre, global network security company FireEye aims to hire more than 100 cyber security professionals over the next two years

Private Messaging App Vendor Wickr Offers Hackers $100,000 for Bugs (Threatpost) Bug bounty programs, for the most part, have been the domain of large software vendors and Web companies such as Google, Mozilla, Microsoft, PayPal and Facebook. But some smaller companies are now getting involved, with the latest one to announce a bounty being Wickr, the maker of secure messaging apps for Android and iOS, and

John Sutton: QinetiQ North America-BroadSoft Team Focuses on Cloud Security (Executive Mosaic) QinetiQ North America and BroadSoft have moved to extend their partnership to develop unified communications services for federal, defense and intelligence customers

Why HP chose India as its way back into the smartphone market (Quartz) The short answer: India will be, after China, the single largest market for smartphone sales in 2014, according to a recent forecast

Best big data value opportunity for investors (FierceBigData) Not everyone investing in big data is doing so by buying tools for their own use. Investors are eyeing vendor stock in hopes of reaping big returns too. If you're into investing in big data via the stock market, then you'll likely find the Splunk-Tableau-Verient debate interesting

BAE continues intelligence analysis system development (UPI) BAE Systems says it is to continue to lead a team effort simplify the work of intelligence analysts in processing mass, complex data from multiple sources

NYPA shores up cyber defenses (FierceSmartGrid) The New York Power Authority (NYPA) is partnering with the Center for Internet Security (CIS) to facilitate real-time information sharing to reinforce NYPA's cyber defense capabilities and critical infrastructure assets against potential cyber threats. The partnership will allow NYPA access to the very best security analysis, and the sharing of information will boost NYPA's cyber defenses and ability to respond to cyber occurrences

Amazon's Workers Reject Union, But Its People Problem Won't Go Away (Wired) As Amazon grows ever-larger, and customer demand for efficiency along with it, the pressure on its workers will only increase, as will the potential for unrest

KPMG scales down sponsorship of the Cyber Security Challenge because of a 'lack of credible candidates' (Computing) 'Big Four' professional services firm KPMG has scaled down its sponsorship of the Cyber Security Challenge (CSC) because of a lack of credible talent for the firm to recruit

Cyber Security Challenge CEO hits back at KPMG's 'lack of credible candidates' claim (Computing) The CEO of the Cyber Security Challenge, Stephanie Daman, has hit back at claims that the series of national events designed to encourage talented professionals to join the UK IT security sector has failed to attract suitable candidates

Gaining the attention of Gen Y (SC Magazine) The increasing number of breaches continues to create awareness at enterprises that are increasingly bulking up their security programs. But, as the workforce demand continues to rise, the industry needs to get the attention of millennials to fill positions

Thomas Kennedy to Become Raytheon CEO March 31; William Swanson to Retire (Executive Mosaic) Thomas Kennedy, executive vice president and chief operating officer at Raytheon (NYSE: RTN) since April 2013, will serve as CEO of the defense technology maker starting on March 31. William Swanson, CEO for 10 years and a 41-year company veteran, will retire from the chief executive role on that date and continue to serve as chairman of the board of directors

Symantec appoints Sanjay Rohatgi as President of India Sales (Business Standard) Cyber security software provider Symantec today appointed Sanjay Rohatgi as President of Sales for India

Paul Casey Named Northrop UAE Intl Business Development Head (Executive Mosaic) Paul Casey has been appointed to serve as director of international business development for the United Arab Emirates at Northrop Grumman, Monday. Casey will lead the business development activities in the UAE and the rest of the Middle East region, the company announced Tuesday

Products, Services, and Solutions

Latest in privacy protection tools: GPS shifting for smartphones (FierceBigData) In the topsy turvy world we live perhaps it shouldn't come as surprise (although it is a bit shocking, actually) that a social discovery mobile dating app is among the first to come up with a feature to dislocate your location. Yes, you heard me right. A dating app that allows you to see other people that are close to your current location also enables you to cast a different location to others than where you are actually standing. It also lies about where you are to Facebook and other social media, to pesky retailers tracking you in their store and even to quite a few data brokers

DuckDuckGo continues to gain larger audience (FierceContentManagement) DuckDuckGo reported phenomenal growth last year, and it's no wonder. In a time when our privacy is continually being eroded, and every day there seems to be a new revelation about government surveillance, many people are looking away from major search engines like Google and Bing and moving to DuckDuckGo, a service that guarantees it doesn't save your search information

DissidentX from BitTorrent creator hides messages inside other messages (Slashgear) Recent events in the US and elsewhere have given rise to renewed and more mainstream interest in cryptography. But while the more popular methods are slowly proving to be inadequate, a stronger option might soon be available in the form of DissidentX, a software made by Bram Cohen, more popular for having created the BitTorrent file sharing protocol

A10 Networks offers a DDoS protection appliance based on ADC platform (TechTarget SearchNetworking) ADC vendor A10 Networks announces the Thunder TPS, an anti-DDoS appliance for enterprises and service providers

All Twitter Apps Must Deploy SSL/TLS (Threatpost) Twitter has begun enforcing HTTPS connections between applications and its API

Bitrot and atomic COWs: Inside "next-gen" filesystems (Ars Technica) Most people don't care much about their filesystems. But at the end of the day, the filesystem is probably the single most important part of an operating system. A kernel bug might mean the loss of whatever you're working on right now, but a filesystem bug could wipe out everything you've ever done… and it could do so in ways most people never imagine

Close look awaits NIST cybersecurity framework due next month (Federal Times) Almost a year after President Obama issued an executive order aimed at bolstering protections against computer hacking attacks, a key juncture comes next month when the government releases a framework for reducing the risks of cyber threats

Tiger Team Sets 2014 Privacy Agenda (HealthCareInfoSecurity) Privacy issues involved when patients authorize individuals to securely access their electronic health information on their behalf are among the topics the Privacy and Security Tiger Team will tackle this year

Next-generation authentication technologies emerge to restore balance (TechTarget SearchSecurity) Cloud and mobility in the enterprise has caused a heightened need for organizations to take a closer look at next generation authentication technologies. This handbook discusses emerging authentication technologies that reduce organizational risk while limiting user inconvenience

Anomaly Detection, Knowing Normal Is the Key to Business Trust and Success (SecurityWeek) Threats and attacks are steadily increasing, and business executives face new challenges with trust exploits. While organizations adopt cloud computing and allow employee-owned devices onto the network, the challenge of securing company data increases exponentially. When it comes to advanced persistent threats (APTs), bad actors take advantage of every exploit to steal information, and look for the weakest link in enterprise security systems

When can you trust web services to handle your data? (Help Net Security) A new report by the EU's cyber security agency ENISA analyses the conditions under which online security and privacy seals help users to evaluate the trustworthiness of a web service

Why Cyber Security Is Not Enough: You Need Cyber Resilience (Forbes) With breaches on the rise, companies should focus on cyber resilience, not just cyber security. It's true. Cyber attackers have an edge on you. Just look at recent incidents of credit card information being stolen from Target and SnapChat users' names and cell phone numbers being published online

How to mitigate Atlassian Crowds SSO vulnerability (TechTarget SearchSecurity) Network security expert Brad Casey advises how to mitigate the vulnerability in SSO product Atlassian Crowd until an upgrade can be performed

Using the Google Transparency Report to enhance website blacklisting (TechTarget SearchSecurity) Threats expert Nick Lewis explores whether Google's Transparency Report can be used to enhance blacklisting of malicious websites in the enterprise

How do you know if your cloud is actually down? (Trend Micro Simply Security) These days, it is difficult to determine whether a cloud has actually gone down. There might be a brief outage, but caching and other systems kick in, and it is largely invisible. If your cloud-resident application is available and working for 90% of your audience, but not the other 10, is the cloud up or down? Is there an in between

5 Surprising Security Gains Achieved From Security Analytics (Dark Reading) Getting the most out of big data sets and seemingly unrelated security information

Research and Development

New Fujitsu Labs tech can do batch searches of encrypted data (Infoworld) Method based on public-key encryption uses homomorphic encryption to batch-search 16,000 characters per second using any search term

Security warnings do better if they use scammers' tricks, research finds (Naked Security) Researchers at University of Cambridge's Computer Laboratory actually modeled their security warnings on scammers' messages in their research, using techniques such as authoritative voice and clear descriptions of risks to see if people would resisting clicking through to malware

Symantec Patents Method To Weed Out Fake Or Malicious Torrents (Ubergizmo) For the most part when it comes to downloading torrents, spotting a fake or one laced with malware is relatively easy as you would only have to scan the comments and the negative votes. However there are times when the torrent might be new or unpopular which means that comments and votes are not available, so how do you tell then if the torrent you are about to download is a fake or contains malware? Well thanks to a Symantec patent, it seems that the anti-virus company is hoping to help make your future torrent downloads a safer and much more informed one at that. After all no one likes spending hours downloading a torrent only to find out it's a dud, right

Penn State to Offer New Option in Cybersecurity and Information Assurance for its Master's Degree in Information Sciences (PR Web) In today's interconnected society, information systems are vulnerable to a myriad of threats such as unwanted intrusions, illicit insider corruption or dissemination of data, and unexpected losses from natural or man-made disaster. As a result, government and industry need to hire individuals who have the knowledge and training to combat the onslaught of cyber-attacks. To meet that demand, Penn State's College of Information Sciences and Technology (IST) has created a new option within its Master of Professional Studies (MPS) in Information Sciences program that is designed to prepare graduates to work in the areas of cybersecurity and information assurance in the federal government or private sector

Student Programmer Competition Promotes Creativity, Diversity (SIGNAL Magazine) A competition for student programmers will recognize the importance of other disciplines and focus areas than the ones commonly associated with science, technology, engineering and mathematics (STEM), such as art (design), diversity and digital literacy. "Dream it. Code it. Win it." is organized by MIT and TradingScreen and will award more than $50,000 in scholarships and prizes to winners of the competition. Entrants must be at least 18 years old and enrolled at accredited colleges and universities in the United States. The deadline for entry is March 30, 2014

Cyber-Security in Corporate Finance (ICAEW) New initiative tackles cyber-security threat to corporate finance sector. Understanding, anticipating and managing cyber-security risks in corporate finance is crucial for all company directors and advisers; it is not an issue to be dealt with only by IT and technical specialists

New rules tighten rights, atrocity criteria in U.S. weapons shipments (Reuters) New guidelines for providing U.S. conventional weapons to other countries make rules on human rights more explicit and prohibit policymakers from approving weapons shipments they anticipate will be used to commit atrocities, U.S. officials said

Hill Intel Leaders Downplay Need for NSA Reforms (National Journal) Lawmakers atop the Intelligence committees are resisting pressure from liberals and conservatives alike

Obama Is Not About to Reform the NSA, Insiders Say (Foreign Policy) When President Barack Obama gives his much-anticipated speech on NSA surveillance Friday, he's unlikely to seize the opportunity to rein in the agency's vast surveillance programs. Instead, he will punt. Of the 43 recommendations from a panel that reviewed the agency's programs, Obama is expected to embrace very few, according to U.S. officials and news reports, leaving the harder task of long-term surveillance reform to Congress and the courts

U.S. spy agency's push for secrecy seen as another failing of Obama's transparency pledge (Miami Herald) The federal polygraph training academy, known as the National Center for Credibility Assessment, says it has operated in the unclassified domain for virtually its entire existence. The academy, established in 1951, is now being asked by the Defense Intelligence Agency to keep much of what it does secret

Homeland security subcommittee approves the National Cybersecurity and Critical Infrastructure Protection Act of 2013 (GSN) The Homeland Security Subcommittee on Cybersecurity, Infrastructure Protection, and Security Technologies has approved the National Cyber Security and Critical Infrastructure Protection Act of 2013. The legislation primarily aims to fortify and codify many of the pre-existing national cyber security initiatives while prohibiting new regulatory authority at the Department of Homeland Security (DHS). It also allows private entities to interact with federal authorities to increase the level of cybersecurity across the board

Cyber Command, network defenses bolstered in spending bill (FCW) The $1 trillion omnibus appropriations bill for fiscal 2014 would more than double Defense Department spending on U.S. Cyber Command and would boost the Department of Homeland Security's funding to defend government networks

Juan Zarate on his Latest Book 'Treasury's War', Private-Public Financial Collaboration in National Security Efforts, and the Power of the 'Carrot' of Financial Inclusion (ExecutiveBiz) On the heels of the late 2013 release of his second book, Treasury's War: The Unleashing of a New Era of Financial Warfare, Juan Zarate caught up with ExecutiveBiz to discuss his and the Treasury Department's work in the years after 9/11 to promote U.S. national security interests through sophisticated global financial campaigns

New laws to stem cyber crime in Kenya (Daily Nation) New laws are being drafted to fight cyber crime in Kenya, the Director of Public Prosecutions has said

Complaint filed against Neiman Marcus, slams breach response (SC Magazine) A class-action complaint was filed against Neiman Marcus in the Eastern District of New York on Monday, just days after the major retailer announced that an undisclosed number of payment cards may have been stolen in a breach

High Court: 'Google privacy case can be heard in UK' (The Telegraph) Google vows to fight High Court decision that it can be sued for an alleged breach of privacy in UK despite being based in the US

San Diego Company Admits to Defrauding Defense Department of Millions (Department of Defense Inspector General) United States Attorney Laura E. Duffy announced today that San Diego-based Vector Planning & Services, Inc. ("Vector") entered into an agreement with the United States Attorney's Office in which it admits to criminally defrauding the Defense Department, and in which it agrees to pay restitution. Vector, which also has offices in Chantilly, Virginia, entered the agreement this afternoon in federal court in San Diego before U.S. Magistrate Judge William McCurine, Jr

Hackers Used Amazon's Cloud To Scrape LinkedIn User Data (Business Insider) Hackers have been using Amazon's powerful data center computers to scrape data from thousands of LinkedIn accounts in order to create fake profiles on the site, according to a new complaint the company has filed in the U.S. district court of Northern California

Philippines web abuse ring smashed in UK-led operation (BBC) A paedophile ring that streamed live child abuse from the Philippines over the internet has been broken up after an operation by UK police and their counterparts in Australia and the US

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

FloCon2014 (Charleston, South Carolina, USA, January 13 - 16, 2014) FloCon 2014, a network security conference, takes place at the Francis Marion Hotel in Charleston, South Carolina, on January 13–16, 2014. This open conference provides a forum for operational network...

cybergamut Tech Tuesday: Malware Reverse Engineering - An Introduction to the Tools, Workflows, and Tricks of the Trade to Attack Sophisticated Malware (Columbia, Maryland, USA, January 21, 2014) Reverse engineering malware can be an integral part of every security team's calculus. This session provides a technical review of the tools, workflows, and advanced analytic insight a senior reverse engineer...

CANCELLED DUE TO WINTER STORMS: cybergamut Tech Tuesday: Malware Reverse Engineering — An Introduction to the Tools, Workflows, and Tricks of the Trade to Attack Sophisticated Malware (Columbia, Maryland, USA, January 21, 2014) This talk has been cancelled. Please consult cybergamut for scheduling updates.

Cybertech — Cyber Security Conference and Exhibition (Tel Aviv, Israel, January 27 - 29, 2014) Cybertech Israel, the first event of its kind, will present world-leading companies in the field of cyber defense alongside young companies that offer unique solutions to advance the discipline of cyber...

U.S. Census Data Protection & Privacy Day (Suitland, Maryland, USA, January 28, 2014) The Census Bureau's Privacy Compliance Branch of the Policy Coordination Office is hosting a Data Protection and Privacy Day on January 28. This event is intended to provide a forum for Census employees...

2014 Cybersecurity Innovation Forum (Baltimore, Maryland, USA, January 28 - 30, 2014) The 2014 Cybersecurity Innovation Forum (CIF) is a three-day event, sponsored by the National Cybersecurity Center of Excellence (NCCoE) with DHS, NIST, and NSA as primary participating organizations.

Cyber Training Forum at NGA (Springfield, Virginia, USA, February 4, 2014) The 2014 Cyber Security Training Forum (CSTF) will take place at the NGA East Campus in Springfield, VA. This event is designed to provide education and training to the NGA Workforce, the Intelligence...

Security Analyst Summit 2014 (Punta Cana, Dominican Republic, February 9 - 13, 2014) The Kaspersky Security Analyst Summit (SAS) is an annual event connecting anti-malware researchers and developers, global law enforcement agencies and CERTs and members of the security research community.

The Insider Threat: Protecting Data and Managing Risk (Online, February 11, 2014) As recent events have demonstrated, the threats from inside government have the potential to be more harmful than the hacking activities of our enemies. Protecting sensitive government information from...

Free OWASP Training and Meet Up (San Francisco, California, USA, February 24, 2014) OWASP is hosting a special security boot camp for all conference-goers: RSA Conference, Bsides SF, and TrustyCon as well as local developers. The training is recommended for developers who want to learn...

RSA Conference USA (San Francisco, California, USA, February 24 - 28, 2014) Hundreds of game-changing interactions will give you an unparalleled diversity of industry insight and information based on best practices, real implementation stories, and detailed case studies. Each...

Nellis AFB - Technology & Cyber Security Expo (Las Vegas, Nevada, USA, February 26, 2014) For over 12 years, the Armed Forces Communications & Electronics Association (AFCEA) - Las Vegas Chapter and FBC have been co-hosting the Annual Information Technology Expo at Nellis AFB. As was the case...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.