skip navigation

More signal. Less noise.

Daily briefing.

Data breaches, unrelated to the Kaptoxa criminal campaign, are disclosed in Germany and Canada. Sportswear maker Easton-Bell also falls victim, in its case to an exploit directed against vendor servers.

More information on those responsible for Kaptoxa emerges. Russian criminals were indeed behind the exploit (although the mastermind was not the teenaged prodigy named in early accounts) and their activities show the complexity of the black market (including the black labor market).

Observers make two points about the Kaptoxa episode, neither surprising. First, a significant amount of the data stolen was worthless, and, second, breaches may, apart from the biggest ones, now be accepted as a simple cost-of-doing business. (But such reports of normalization may be premature, as the National Retail Federation and others express strong support for general adoption of chip-and-pin technology.)

Other observers note that perceived privacy violations (like the recent but unrelated SnapChat breach) do more damage to a brand than breaches perceived as security problems.

Google's reCAPTCHA system is under attack by a reCAPTCHA breaking service. Another Google product, its Chrome browser, is reported vulnerable to exploitation for microphone eavesdropping.

Crowdstrike reports a shift in hacktivist tactics: political groups that formerly concentrated on striking primary targets (usually government Websites' appearance or functionality) are increasingly turning their attention to attacks on third parties without any obvious connection to hacktivists' political goals. Current hacktivism shows a mix of old and new.

President Obama's surveillance policy speech gets mixed reviews from Democratic Senators.

Snowden denies being a Russian spy.

Notes.

Today's issue includes events affecting Armenia, Azerbaijan, Brazil, Canada, China, Germany, Indonesia, Israel, Republic of Korea, Mexico, Romania, Russia, Saudi Arabia, Syria, United Kingdom, United States..

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

New FFIEC Guidelines on Social Media: 3 Things You Need to Know (, January 1, 1970) We'll take an in-depth look at the new Federal Financial Institutions Examination Council (FFIEC) guidelines on social media and consumer compliance risk, and how they may impact your organization. We'll...

Trustworthy Technology Conference (, January 1, 1970) Join us for the first Trustworthy Technology Conference, to be held on 27 February 2014 at the AMC Metreon Theatre in San Francisco, California. We welcome all security researchers, practitioners and citizens...

"Cyber Threat Landscape": How the FBI is counteracting the current threats (, January 1, 1970) Donald J. Good, FBI Section Chief Cyber Operations and Outreach Section, will offer first-hand awareness of how the FBI works with other government agencies and the private sector to counteract the current...

Cybertech — Cyber Security Conference and Exhibition (Tel Aviv, Israel, January 27 - 29, 2014) Cybertech Israel, the first event of its kind, will present world-leading companies in the field of cyber defense alongside young companies that offer unique solutions to advance the discipline of cyber...

U.S. Census Data Protection & Privacy Day (Suitland, Maryland, USA, January 28, 2014) The Census Bureau's Privacy Compliance Branch of the Policy Coordination Office is hosting a Data Protection and Privacy Day on January 28. This event is intended to provide a forum for Census employees...

2014 Cybersecurity Innovation Forum (Baltimore, Maryland, USA, January 28 - 30, 2014) The 2014 Cybersecurity Innovation Forum (CIF) is a three-day event, sponsored by the National Cybersecurity Center of Excellence (NCCoE) with DHS, NIST, and NSA as primary participating organizations.

Cyber Training Forum at NGA (Springfield, Virginia, USA, February 4, 2014) The 2014 Cyber Security Training Forum (CSTF) will take place at the NGA East Campus in Springfield, VA. This event is designed to provide education and training to the NGA Workforce, the Intelligence...

U.S. Department of Commerce Technology Expo (, January 1, 1970) Department of Commerce is interested in hearing from you! The OCIO Office is specifically looking for speakers on Vulnerability Management and Implementation of Continuous Monitoring. Please contact...

Cyber Security 2014 (, January 1, 1970) The threats and the opportunities conference brings together over 150 business leaders, senior decision makers, business development managers and IT professionals from across the whole defence and security...

Security Analyst Summit 2014 (Punta Cana, Dominican Republic, February 9 - 13, 2014) The Kaspersky Security Analyst Summit (SAS) is an annual event connecting anti-malware researchers and developers, global law enforcement agencies and CERTs and members of the security research community.

FBI HQ Cloud Computing Vendor Day (, January 1, 1970) As part of its FAR mandated market research efforts and in order to keep FBI employees informed of new products, technologies and services available in the industry, ITED has been tasked with organizing...

RSA Conference USA (San Francisco, California, USA, February 24 - 28, 2014) Hundreds of game-changing interactions will give you an unparalleled diversity of industry insight and information based on best practices, real implementation stories, and detailed case studies. Each...

Nellis AFB Technology & Cyber Security Expo (, January 1, 1970) For over 12 years, the Armed Forces Communications & Electronics Association (AFCEA) - Las Vegas Chapter and FBC have been co-hosting the Annual Information Technology Expo at Nellis AFB. As was the case...

Creech AFB Technology & Cyber Security Expo (, January 1, 1970) The Armed Forces Communications & Electronics Association (AFCEA) - Las Vegas Chapter, with support from the 432d Wing, will host a Cyber Security Awareness Day & Technology Expo at Creech AFB. This is...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.