skip navigation

More signal. Less noise.

Daily briefing.

Espionage kit "Regin" dominates today's news. Symantec published a lengthy report on the stealthy, persistent, advanced malware over the weekend. Regin is being widely compared to Stuxnet, but (reflexive journalistic comparison to familiar stories aside) any similarity appears to lie not in functionality, but rather in sophistication and tentative attribution. As F-Secure notes, "for a change" the malware doesn't appear to originate in Russia or China, and other observers are talking about " Western intelligence services" — possibly the US and Israel. F-Secure notes that it found a version of Regin on a northern European Windows server in 2009. Symantec (which notes that it didn't name the malware, "Regin" being a malign actor in Norse mythology) thinks the kit may have been in active use as far back as 2006.

Other notes on cyber war include US concerns about China (as NSA Director Rogers's warnings about critical infrastructure sink in) and (again) Iran, and Indian worries about a Pakistani-ISIS link. ISIS continues its activity in social media on several fronts, but other instances of "crowd-sourced war" crop up elsewhere, notably in Ukraine. A demotically titled op-ed in the Verge argues that the damage done in cyber war is essentially collateral; perhaps cyber war is impossibly discriminate.

Anonymous is causing trouble in Canada with hits on official site in Toronto and Ottawa. The proximate inspiration is apparently a teen's arrest for swatting: Anonymous objects to the arrest.

In industry news, analysts continue to review cyber stocks. Tenable may be prepping an IPO.

Notes.

Today's issue includes events affecting Afghanistan, Austria, Belgium, Brazil, Canada, Chile, China, Ecuador, European Union, India, Iran, Iraq, Ireland, Israel, Democratic Peoples Republic of Korea, Republic of Korea, Mexico, Netherlands, New Zealand, Pakistan, Russia, Saudi Arabia, Syria, Ukraine, United Kingdom, United States.

We'll be observing the Thanksgiving holiday home with our families, and won't publish on Thursday or Friday. The CyberWire will reappear as usual on Monday, December 1.

Cyber Attacks, Threats, and Vulnerabilities

Stuxnet-style malware 'developed by Western intelligence agency' uncovered in Russia and Saudi Arabia (Computing) New malware dubbed "Regin", which has been likened to Stuxnet, has been uncovered in Russia and Saudi Arabia, according to Symantec

Regin: Top-tier espionage tool enables stealthy surveillance (Symantec) An advanced spying tool, Regin displays a degree of technical competence rarely seen and has been used in spying operations against governments, infrastructure operators, businesses, researchers, and private individuals

The Regin Espionage Toolkit (F-Secure) Regin is the latest in the line of sophisticated espionage toolkits used to target a range of organizations around the world. As already reported, it's one of the more complex pieces of malware around, and just like many of the other toolkits it also has a long history behind it. We first encountered Regin nearly six years ago in early 2009, when we found it hiding on a Windows server in a customer environment in Northern Europe

Stealthy, sophisticated 'Regin' malware has been infecting computers since 2008 (PC World) Symantec researchers have identified a particularly sophisticated piece of malware, called "Regin" that was likely developed by a nation state and has been used to spy on governments, infrastructure operators, businesses, researchers and individuals since at least 2008

Researchers Uncover Government Spy Tool Used to Hack Telecoms and Belgian Cryptographer (Wired) It was the spring of 2011 when the European Commission discovered it had been hacked. The intrusion into the EU's legislative body was sophisticated and widespread and used a zero-day exploit to get in

Traces of Regin malware may date back to 2006 (IDG via CSO) Malware that Symantec says was probably developed by a nation state may have been used for as long as eight years, a length of time that underscores the challenges the security industry faces in detecting advanced spying tools

Stuxnet-like malware highlights need for skills and vigilance (Computerweekly) The discovery of an advanced piece of malware that has been used to spy against organisations for at least six years underlines the need for skills and vigilance, say security experts

SECURITY: Cyberattackers have penetrated U.S. infrastructure systems — NSA chief (E&E News) The head of the National Security Agency and the U.S. Cyber Command said yesterday that unnamed foreign nations and groups have gained the technical capability to take down control systems that operate U.S. power grids, water systems and other critical infrastructure

Intel boss' warning on cyber attacks no joke, say experts (Fox News) Top cybersecurity experts echoed a dire warning from a top intelligence chief on the vulnerability of the U.S. power grid, with one telling FoxNews.com that state-sponsored hackers could send America's nerve centers on an "uncontrollable, downward spiral"

Fears grow of Iran cyber attack (The Hill) Fears are growing that Iran will unleash cyber warfare on U.S. companies if negotiators are unable to reach a nuclear deal by Monday that would require Tehran to limit its nuclear program

Crowdsourced War (TechCrunch) At least 4,000 people have died in Eastern Ukraine, according to United Nations estimates, spilling roughly 5,000 gallons of blood on the nation's soil

India calls Islamic State a big threat on cyber world (Daily Times) India's Home Affairs Minister Rajnath Singh on Saturday blamed that terrorism in India was Pakistan-sponsored, hitting out at neighbouring country over Dawood Ibrahim, whom he described as the 'most-wanted criminal'

Gitmo 'Poet' Now Recruiting for Islamic State (Weekly Standard) An ex-Guantanamo detainee based in northern Pakistan is leading an effort to recruit jihadists for the Islamic State, an al Qaeda offshoot that controls large portions of Iraq and Syria

ISIL targets Halifax security forum with social media messages (Halifax Chronicle Herald) ISIL is sending messages to participants and staff at the Halifax International Security Forum, the conference's top official said Saturday

Anonymous targets Canadian City, Police, Supreme Court against teen's arrest. (Hack Read) A hacker going with the handle of @AerithXOR hacked the official website of Ottawa city, Canadian Supreme Court and Ottawa police

Toronto Police Service website down after DDoS attack (Toronto Star) The Toronto Police Service website was the subject of a Distributed Denial of Service attack on Sunday evening after a Twitter user threatened to hack the site

Hackers pledge more attacks (Ottawa Sun) The Anonymous hacker group that carried out Friday's cyber attack on City Hall has pledged attacks on eight more targets, including Ottawa Police and the Supreme Court

Ecuadorian President Says His Accounts Under Cyber Attacks From US (Sputnik) Ecuadorian President reportedly announced that his accounts have been a target of cyber attacks that came from the United States

Hikvision DVRs sporting bugs that allow device hijacking (Help Net Security) A while back, SANS ISC CTO Johannes Ullrich discovered that cybercrooks were targeting Hikvision Digital Video Recorders (DVRs) in order to infect them with bitcoin-mining malware. They were successful because the DVRs come with a default administrative account "admin" with password "12345," and these are often left unchanged by users

Backdoored CMS Plugins Used to Hijack Web Servers (SecurityWeek) Thousands of backdoored plugins and themes for popular content management systems (CMS) are being leveraged by a threat group to abuse Web servers on a large scale

Hacking RFID Payment Cards Made Possible with Android App (TrendLabs Threat Intelligence Blog) We recently encountered a high-risk Android app detected as ANDROIDOS_STIP.A in Chile. This app, found distributed through forums and blogs, can be used to hack into the user's RFID bus transit card to recharge the credits. What is the mechanism behind this, and what is the security risk of RFID payment cards in general?

'DoubleDirect' MitM attack affects iOS, Android and OS X users (SC Magazine) For at least six months, a security firm has seen a specific type of man-in-the-middle (MitM) attack, dubbed "DoubleDirect," being leveraged, which puts iOS, Android and OS X users at risk

Four-year old comment security bug affects 86 percent of WordPress sites (Ars Technica) Bug allows script attack that could be used to hijack sites or attack visitors

Lookout Mobile Security Software Discusses NotCompatible Malware (Dumb Out) When mobile devices — nay, cell phones — started to make their way into the common public fray, security experts and researchers knew that it would only be a matter of time before these pieces of technology would become the target of malicious software like spam and malware

A Nightmare on Malware Street (SecureList) CoinVault ransomware in the wild

Craigslist Domains Hacked by Digital Gangsters, down around the world. (Hack Read) A group (probably hacking) going with the handle of Digital Gangsters has hacked the world-renowned classified advertisements website Craigslist

Has the PlayStation Network really been hacked? Should you change your password? (Naked Security) A smallish sample of usernames and passwords allegedly stolen from services listed as PlayStation Network (PSN), Windows Live and 2K Gaming has been leaked by a trio of crackers calling themselves

Vaporizer chargers can contain malware (Webroot Threat Blog) Vaporizers (AKA E-cigarettes) have been gaining some serious traction and widespread use over the past few years. The sudden surge of popularity isn't too surprising considering the fact that the health implications of nicotine consumption are vastly more favorable with vaporizers when compared to traditional cigarettes

FUD: E-Cig chargers said to be delivering malware (CSO) There is absolutely no proof these claims are true, none

Russian webcam-spying site highlights common security failing (ComputerWeekly) A Russian website collecting streaming images from internet-connected cameras in the UK and more than 200 other countries highlights a common security failing, say information security professionals

Webcam snooper now looking for a job (IDG via CSO) The developer of a widely vilified website that aggregated feeds from unsecured webcams is apparently looking for work as a remote programme

Budding Brazilian Hackers Get Online Training from $46 (Infosecurity Magazine) Wannabe cyber-criminals in Brazil can receive online training in the dark arts from as little as $46, the only place in the world this is possible, according to new research from Trend Micro

Are Some Parts of the Web Especially Likely to Host a Phishing Attack? (Cyveillance Blog) We recently shared intelligence about the phishing threat based on real attacks Cyveillance saw over a one year period

Companies urged to 'consider the risks' of non-computing devices connected to global networks (Canadian Underwriter) There is an increase in the number of cars, industrial control systems and other non-computing devices that are connected to a global computer network, some of these devices are sold without "thorough security and functional testing" and are therefore "easier targets" for criminals than personal computers, yet most corporate information technology departments "are not responsible" for managing the security of such devices, IBM Corp. warned in a recent report

Bulletin (SB14-328) Vulnerability Summary for the Week of November 17, 2014 (US-CERT) The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information

Security Patches, Mitigations, and Software Updates

Sony quietly POODLE-proofs Playstations (Register) Innocuous 'system software stability' update brings no patch, no surf, regime

You stupid BRICK! PCs running Avast AV can't handle Windows fixes (Register) Fix issued, fingers pointed, forums in flames

Cyber Trends

The Week When Attackers Started Winning The War On Trust (Dark Reading) The misuse of keys and certificates is not exotic or hypothetical. It's a real threat that could undermine most, if not all, critical security controls, as recent headlines strongly show

Cloud Security By The Numbers (Dark Reading) Quantifying the perceptions around cloud security practices

Retailers optimising transactions but forsaking security this holiday season (GrowthBusiness) Despite record growth in online transactions forecast around the Christmas period, compliance and security is lower than ever

Cyberwar is bullshit (Verge) As governments build stronger and smarter digital weapons, we're all collateral damage

Financial services cyber trends for 2015 (Help Net Security) If 2014 was the "year of the breach," then what future cybersecurity threats await us? What's the next mode of attack, and how much worse will it be? That's the question on the minds of financial services companies as they invest in cyber protection measures, manage growing customer concerns and try to predict what's next

Cybersecurity lapses leave government agencies vulnerable to hackers (Washington Times) State Department, Postal Service, White House experience breaches as recommendations ignored

Marketplace

Why Palo Alto Networks Rallied 87% in 2014 (Motley Fool) Palo Alto Networks' (NYSE: PANW ) stock has soared 87% in 2014, easily outperforming its industry peers and the overall market. What fueled that massive rally, and will the stock keep climbing in 2015?

Verint Is A Highly-Rated Economic Castle (Seeking Alpha) Let's have a look at Verint, one of the highest-rated economic castles in our coverage. We think the strongest companies on a fundamental basis are ones that generate the most value for shareholders

Splunk Jumps On A Rock Solid Quarter (Motley Fool) Unstructured data specialist Splunk (NASDAQ: SPLK) has had a rather turbulent year. After peaking at $106 in February, shares pulled all the way back to $40 as names in big data briefly fell out of favor. Well, shares have been on the road to recovery for a few months now, and Splunk just reported strong earnings that are giving its recovery even stronger legs

IBM Stock: Will This New Technology Kick-Start Big Blue? (Motley Fool) At this point, IBM's (NYSE: IBM) struggles have been well documented. As CEO Ginni Rometty and team continue the company's transition from old-school technologies such as hardware and PC-related solutions — IBM's former bread and butter — anxious investors are quickly running out of patience. One look at IBM's stock price, which is hovering at or near 52-week lows, speaks volumes

CipherCloud raises $50 million for APAC expansion (Business Spectator) Cloud visibility and data protection firm CipherCloud has announced a $50 million round of financing, to be used for marketing and growth across Europe and Asia Pacific

Northrop Grumman Launches Cyber Center (National Defense) Northrop Grumman, in an effort to address its clients' most dangerous cyber threats, announced on Nov. 19 the launch of its new Advanced Cyber Technology Center

VA to spend $60 million more on cyber after auditors' continued concerns (Federal News Radio) Government auditors say the Veterans Affairs Department's cybersecurity problems are mildly better, but huge concerns remain about the security of veterans' data

Number Of UK IT Security Jobs Doubles In Past Year (TechWeek Europe) The UK is reporting a higher demand for IT security professionals than ever before as businesses look to shore up their defences following a series of high-profile cyberattacks

Malcovery's Phil Compton Named CFO of the Year (PRWeb) Malcovery Security, the leading provider of cyber threat intelligence, announced today that its Chief Financial Officer, Phil Compton, was named the 2014 CFO of the Year, in the "For-Profit Small" category, by the Pittsburgh Business Times

ForgeRock Adds Security and Enterprise Software Industry Veteran Robert Humphrey as Chief Marketing Officer (Marketwired) Marketing leader hired to drive global brand awareness and revenue growth

Tom McNeight Joins Vorstack Board of Directors (PRWeb) Tech heavyweight with history of building great companies to help grow threat intelligence market

Thales Board To Select New Chief Executive (Defense News) Thales will hold a board meeting on Monday to choose a successor to Chairman Jean-Bernard Levy, who is leaving the defense electronics company to take the top job at utility giant Electricité de France (EDF), a company executive said

Capital Buzz: Tenable hires executive with IPO experience (Washington Post) Tenable Network Security, the Columbia-based company that helps businesses and government agencies guard against cyber attacks, may be preparing to go public

Products, Services, and Solutions

IBM Offers Single-User Bluemix For Added Cloud Security (TechWeek Europe) IBM's latest offerings are intended for customers who want to buy into the cloud while keeping a maximum of control over their data

Ghostery Makes Privacy Marketable (InformationWeek) Service that blocks Web tracking code turns out to be good for business, too

The BlackBerry Passport enigma: TCOB-machine or "worst designed thing, ever" (Ars Technica) It's not your teenager's smartphone, which is kind of the point

New System Detects and Alerts to Automobile Cyber Attacks (Marketwired) Network Enforcement Module helps protect today's sophisticated 'computers on wheels'

We compare BitDefender Antivirus with Panda Global Protection 2014 (Gamer Headlines) In the modern day and age of the use of firewalls and security software is becoming incredibly important for individuals who want to keep their computer safe and their data secure. In this review we will take a look at two high-quality security tools and will outline the features on the way in which they can be used. We also outline their level of protection and will decide which one is the best. In this review will compare the Panda Global Protection 2014 with the BitDefender Antivirus

Check Point Next Generation Threat Prevention Receives Highest Scores in Recent Miercom Testing (Marketwired) World class security technology leads with accuracy and performance in Miercom Advanced Threat Prevention With Sandbox Analysis Report

AVG Antivirus latest update now helps scan files faster — adds additional security layers (The REM) AVG has been a brand which has been built around the 'protection' factor

FireMon Extends Network Security Monitoring to Cloud Service Infrastructure (Marketwired) FireMon, the industry leader in proactive security intelligence solutions, today announced expanded network security monitoring capabilities for cloud services, including Amazon Web Services (AWS) and OpenStack Icehouse

Nexum, Inc. Partners with FireMon to Deliver Proactive Security Intelligence Solutions (PRWeb) Nexum partners with leader in proactive security intelligence

Ex-NSA and GCHQ Spooks Showcase Intel Platform (Computer Business Review) Security firm Darktrace seeks expansion in SME market with new threat visuals

Tufin Adds Support for Amazon Web Services, Delivers Security Policy Orchestration for Public, Private and Hybrid Cloud Environments (Herald Online) On heels of industry-first support for VMware NSX, Tufin extends support to AWS, ensuring centralised management of security policies as enterprises embrace cloud models

Carousel Joins Palo Alto Networks Channel Program (Channel Partners) Rhode Island-based Carousel Industries will carry enterprise security offerings from Palo Alto Networks as a new member of the company's NextWave Partner Program

KEMP ships new Application Firewall Pack (Channel EMEA) KEMP Technologies has launched a new Application Firewall Pack (AFP) for its LoadMaster™ range of load balancers and Application Delivery Controllers (ADCs). By integrating Web Application Firewall (WAF) and other security services, KEMP enables secure, scalable and always-on workload delivery in a single ADC and load balancing solution

BillGuard And Experian Partner For Consumer Protection (Forbes) BillGuard, which offers free monitoring of credit and debit card activity and notifies users of fraud and unauthorized charges, has partnered with the identity theft prevention of Experian to provide a comprehensive service for consumers whose cards may have been compromised in data breaches like Target and Home Depot

Technologies, Techniques, and Standards

Crypto protocols held back by legacy, says ENISA (Register) EU takes the microscope to security

Confusion Persists around Cyber Threat Intelligence for Enterprise Organizations (Network World) Enterprises have specific questions but government and industry responses are nebulous at best

An Introduction to Cyber Intelligence (DarkMatters) This is the beginning of a short blog series on the topic of cyber intelligence, its sub-disciplines, and its uses. As an Adjunct Lecturer at Utica College, I teach graduate students in the M.S. Cybersecurity program on topics including cyber intelligence and cyber counterintelligence

How CSOs Can Help CIOs Talk Security to the Board (CIO) CIOs aren't necessarily security experts, but that doesn't mean they can't speak intelligently to the company's board of directors. The key is getting a little coaching from the CSO about how and what to communicate

When Panic Leads to Poor Decisions (SecurityWeek) We've all been there before. Something unforeseen happens that triggers a panic response. More often than not we look back at that response and wish we could have done things differently

Design and Innovation

Did the NSA Outline Bitcoin in 1996? (Cryptocoins News) The NSA was one of the first organizations to describe a Bitcoin-like system. About twelve years before Satoshi Nakamoto published his legendary white paper to the Metzdowd.com cryptography mailing list, a group of NSA information security researchers published a paper entitled How to Make a Mint: the Cryptography of Anonymous Electronic Cash in two prominent places, the first being an MIT mailing list and the second being much more prominent, The American Law Review (Vol. 46, Issue 4 )

Hamradiocoin: Crypto via Radio, Alternative Blockchain Channel (Cryptocoin News) HamRadioCoin utilizes the traditional Ham radio mesh to serve modern blockchain technology. This provides the blockchain and cryptocurrency with the first real alternative channel — a communications network that is both standardized and global. Ham radio has been in existence for over 80 years and who could have thought that its global array of operators would emerge as the perfect candidate for providing a P2P alternative to the internet. As we'll explore below, the invaluable role of Ham radio extends its utility into science fiction as the "old" radio combines with the "new" blockchain

Research and Development

Stress-testing the world economy for pandemics, cyber-attacks and war (Telegraph) Cambridge University's business school has worked out the financial effects of several disaster scenarios to help firms plan ahead

Sybil Logic Bomb Cyber Catastrophe Stress Test Scenario (University of Cambridge Centre for Risk Studies) A risk framework for considering systemic cyber threats and a stress test scenario of a cyber catastrophe for use in business and policy-making

IBM Patents Design for Data Privacy Engine (eWeek) IBM's newly patented data privacy engine safeguards cloud data shared across borders. This new invention improves upon manual privacy techniques

Jericho Systems Receives Patent for Trust Elevation During RESTful Authentication of User Identity (Businesswire) Jericho Systems Corporation, supplier of advanced content filtering and data security solutions, has received issuance notification from the U.S. Patent and Trademark Office of patent number 8,893,293, "Elevating Trust in User Identity During RESTful Authentication"

Radware Launches Hybrid DDoS Attack Protection Solution (SecurityWeek) Radware, a company best known for its DDoS attack mitigation and application deliver appliances, this week announced a new hybrid solution designed to help enterprise organizations detect and protect against sophisticated and volumetric DDoS attacks

Viscount Systems secures second U.S. patent for IT-centric Freedom Access Control platform (Security Info Watch) Viscount Systems, a leading provider of IT-based security software and services, announced today it has received a second U.S. patent for itsFreedom Access Control solution, building on the technology's strong IP foundation. U.S. Patent 8854177 B2 outlines the system and method for storing user permissions for multiple disparate physical devices in a unified permissions database, connected to a network in common with the products

US Army to task Novetta subsidiary with active authentication R&D (Planet Biometrics) The Mission and Installation Contracting Command at West Point has revealed that it intends to award a contract to IBG, a Novetta Solutions Company, for the development of a biometric authentication system based on so-called "active authentication" research

Academia

Angus King touts Maine University System’s role in preventing cyber 'Pearl Harbor' (Bangor Daily News) Warning that the "next Pearl Harbor" will be a cyber attack against the nation's infrastructure, U.S. Sen. Angus King, I-Maine, on Friday announced that the University of Maine System is the first in the country to receive the NSA's stamp of approval for its cyber security program

Ocoee High starts cyber-security team (West Orange Times and Observer) With an influx of viruses and hacks compounding by the minute in the digital age, enhanced cyber security has become a high priority for the U.S. military

Legislation, Policy, and Regulation

Digital Privacy Is "The New Frontier Of Human Rights" (TechCrunch) The impact of mass, digitally-enabled state surveillance upon individuals' privacy has been described as "the new frontier of human rights" by Member of the European Parliament, Claude Moraes, who was giving an annual lecture on behalf of the Centre for Research into Information, Surveillance and Privacy at the London School of Economics on Friday

Extensive Network of Secret Chinese Military Units Attack US on Daily Basis (Epoch Times) An army is attacking the United States. Its war is being waged without bullets or fanfare. Denied by its government, these soldiers operate in shadows and in silence. Yet, glimpses of their operations are seen on a daily basis — hackers and spies attacking and stealing from U.S. businesses and the U.S. government

Australia and Great Power Cyber Strategy after APEC (The Diplomat) It is time to develop a more meaningful cybersecurity dialogue between Australia and China

Brazil doubles down on cyber security? (Open Democracy) The out-sized military response risks compromising citizens' fundamental rights. If Brazil is to build a cyber security system fit for purpose, an informed debate is imperative

Cyberwarfare and NZ (Radio New Zealand) As New Zealand faces an an increasing number of cyber attacks, security experts say it's getting more difficult to counter them

GCHQ whistleblower calls for public interest defence (Guardian) 'I was enraged by the subterfuge and potential blackmail they wanted us to do,' says former GCHQ employee

Geheime dienst kan straks veel meer telefoon– en internetverkeer aftappen (RTL Nieuws) Het kabinet gaat de geheime diensten veel meer armslag geven om het telefoon– en internetverkeer af te tappen. Daartoe wordt de uit 2002 daterende Wet op de inlichtingen– en veiligheidsdiensten drastisch herzien

Gov't pushing to elevate cyber warfare into military operations (Korea Herald) The government has been pushing to categorize cyberspace operations as de facto military ones under the control of the Joint Chiefs of Staff (JCS) commander as part of efforts to boost capabilities to counter growing security threats online, defense ministry officials said Monday

AP Sources: Hagel resigning as Defense secretary (AP) Defense Secretary Chuck Hagel is stepping down from President Barack Obama's Cabinet, senior administration officials said Monday, following a tenure in which he has struggled to break through the White House's insular foreign policy team

ODNI, DOD Update Proposed Budget for FY 2015 Intelligence Programs (ExecutiveGov) The Office of the Director of National Intelligence and Defense Department have released updated budget request figures for their respective intelligence programs in fiscal 2015 to include revised appropriations for overseas contingency operations

Cybersecurity was missing in action on Election Day (The Hill) In the run-up to the recent election, there were many discussions of issues like the Islamic State in Iraq and Syria (ISIS), immigration, the Ebola virus and the Keystone XL pipeline, just to name a few. The one area missing from the pre-election dialogue: a serious discussion about cybersecurity

A divided GOP wrestles with national security and civil liberties (SFGate) The coming Republican majority in Congress will have another debate to add to the pile of questions about how it will run Capitol Hill. After voting down a reform of national security laws, GOP Senate forces need to come up with their own rules governing domestic spying, civil liberties and antiterrorism

Rand Paul's Anti-NSA Campaign Backfires (Right Side News) Michael Hirsh is a Politico reporter who occasionally stumbles on the truth. In a piece on how the anti-NSA campaign has run out of gas, he says the critics of the intelligence agency have failed to come up with "actual instances of state abuse of surveillance" in the United States

CIA Director John Brennan considering sweeping organizational changes (Washington Post) CIA Director John Brennan is considering sweeping organizational changes that could include breaking up the separate spying and analysis divisions that have been in place for decades to create hybrid units focused on individual regions and threats to U.S. security, current and former U.S. intelligence officials said

Should the Central Intelligence Agency be less centralized? (Washington Post) Elsewhere in The Washington Post, intrepid intelligence reporter Greg Miller has quite the scoop about a proposed reorganization of the CIA

EFF Joins the Call for a NIST We Can Trust (EFF) It's looking like we might be on the brink of another crypto war. The first one, in the 90s, was a misguided attempt to limit the public's access to strong, secure cryptography. And since then, the reasons we need the good security provided by strong crypto have only multiplied. That's why EFF has joined 20 civil society organizations and companies in sending a letter to the National Institute of Standards and Technology (NIST) to "re-emphasize the importance of creating a process for establishing secure and resilient encryption standards, free from back doors or other known vulnerabilities"

Campaign Seeks to Dry Out the National Security Agency (TruthDig) "The American surveillance state has an Achilles Heel," organizers of the OffNow campaign say. "We can thwart mass surveillance without relying on Congress or [the] Supreme Court" by passing legislation that stops "the flow of state supplied water and electricity to federal agencies conducting mass, warrantless surveillance"

For Army cyber, it's on-the-job training (FCW) The command sergeant major who is helping the Army develop its new branch for cybersecurity issues is confident that, despite the organizational challenges, the command can meet Army leaders' expectations for improving the service's cybersecurity capabilities

Leaders monitor burnout among intel analysts (Air Force Times) They stay up all night and chug too many energy drinks. They have psychiatrists and chaplains on call, and a therapy dog named Lily

Litigation, Investigation, and Law Enforcement

16 webcam hijacking suspects arrested in wake of bedroom-peeping (Naked Security) An international bust of people illegally using remote-access Trojans (RATs) to hijack people's webcams last week led to the arrest of 16 people across Europe

Convicted ID Thief, Tax Fraudster Now Fugitive (KrebsOnSecurity) In April 2014, this blog featured a story about Lance Ealy, an Ohio man arrested last year for buying Social Security numbers and banking information from an underground identity theft service that relied in part on data obtained through a company owned by big-three credit bureau Experian. Earlier this week, Ealy was convicted of using the data to fraudulently claim tax refunds with the IRS in the names of more than 175 U.S. citizens, but not before he snipped his monitoring anklet and skipped town

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

After the Breach: 1st Annual DePaul University Cyber-Risk Conference (Chicago, Illinois, USA, December 2, 2014) DePaul University's Arditti Center for Risk Management, Center for Financial Services, and the College of Computing and Digital Media are proud to collaborate with Sapient Global Markets as moderators...

Upcoming Events

DefCamp5 (Bucharest, Romania, November 25 - 29, 2014) DefCamp is the most important conference on Hacking & Information Security in Central Eastern Europe. The goal is bringing hands-on talks about latest research and practices from the INFOSEC field, gathering...

Cybergamut Tech Tuesday: Receiver Operating Characteristic (ROC) statistics and their successful use in medical studies, Nigerian scams, and APT detection (Columbia, Maryland, USA, December 2, 2014) Receiver Operating Characteristic (ROC) statistics have been a practical tool in the field of clinical medicine for more than 50 years, an area where stakes can be very high and test results are understood...

After the Breach: 1st Annual DePaul University Cyber-Risk Conference (Chicago, Illinois, USA, December 2, 2014) DePaul University's Arditti Center for Risk Management, Center for Financial Services, and the College of Computing and Digital Media are proud to collaborate with Sapient Global Markets as moderators...

5th Annual Raytheon Cyber Security Summit: "The Unassailable Enterprise" (Reston, Virginia, USA, December 2 - 3, 2014) We invite commercial and government entities to attend the 5th Annual Cyber Security Summit where we will explore the "unassailable enterprise" in 2014 and beyond. We bring together some of the most acclaimed...

SINET 16 (Washington, DC, USA, December 3 - 4, 2014) Innovative solutions frequently come from new and emerging companies. Each year, SINET invites sixteen innovative Cybersecurity companies to present their technology solutions to a select audience of prominent...

Healthcare Cyber Security Summit 2014 (San Francisco, California, USA, December 3 - 10, 2014) SANS is teaming up with the National Health Information Sharing & Analysis Center (NH-ISAC) to offer the 2nd Annual Healthcare Cyber Security Summit

(ISC)² Security Congress EMEA (London, England, UK, December 8 - 10, 2014) Building on the experience of the US-based (ISC)2 Security Congress, now in its fourth year, (ISC)2 Security Congress EMEA will offer a complementary and unique opportunity within the Europe Middle East...

International Conference for Internet Technology and Secured Transactions 2014 (London, England, UK, December 8 - 10, 2014) The ICITST is an international refereed conference dedicated to the advancement of the theory and practical implementation of secured Internet transactions and to fostering discussions on information technology...

(ISC)² Security Congress EMEA (London, England, UK, December 8 - 10, 2014) Building on the experience of the US-based (ISC)² Security Congress, now in its fourth year, (ISC)² Security Congress EMEA will offer a complementary and unique opportunity within the Europe...

ACSAC 30: Annual Computer Security Applications Conference (New Orleans, Louisiana, USA, December 8 - 12, 2014) ACSAC is more than just high quality, peer-reviewed research (though our 2013 acceptance rate was barely 19%). Our comprehensive program also includes training, case studies, panels, workshops, posters,...

Tax Incentives for Cybersecurity Businesses (Elkridge, Maryland, USA, December 9, 2014) Learn the details and take the opportunity to ask questions of leading experts on how to apply for tax credits (including cyber, research, security clearance, and secured space tax credits) and get the...

Cybersecurity 2015: Beyond the Breach (Washington, DC, USA, December 9, 2014) With each new cybersecurity attack businesses lose millions, governments lose information and citizens lose trust. At the end of a year where these attacks regularly dominated headlines, what's ahead for...

ICFPT 2014 (Shanghai, China, December 10 - 12, 2014) ICFPT is the premier conference in the Asia-Pacific region on field-programmable technologies including reconfigurable computing devices and systems containing such components. Field-programmable devices...

Cyber Security Division 2014 R&D Showcase and Technical Workshop (Washington, DC, USA, December 16 - 18, 2014) The cybersecurity threat continues to evolve and in order to keep ahead of the threat, new cutting-edge cybersecurity technologies are needed. DHS S&T's Cyber Security Division (CSD) is funding many R&D...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.