
More signal. Less noise.

Daily briefing.

As French police close in on terror suspects, several French municipal Websites are defaced with the black flag of ISIS and a message praising the Charlie Hebdo massacre.

In the US, the FBI investigates media Website defacements by the self-described "CyberCaliphate."

Ukraine says the Russian government, not mere hacktivism, is to blame for attacks on German government Websites.

Attribution of the Sony hack remains as controversial as ever, at least in the judgment of the media covering the story, prompting some to conclude the attack may have been overdetermined. Researchers take a look at North Korea's Naenara browser (based on an obsolete version of Firefox and slaved to the DPRK's RedStar operating system). They find "more than a little weirdness." What's not weird, or at least not unexpected, is that Naenara seems built for censorship and decloaking.

Researchers find a Linux DDoS Trojan apparently designed to assemble a large denial-of-service botnet. Other researchers discover root command execution vulnerabilities in Asus routers.

Lookout reports that SocialPath, nominally a privacy tool, is actually a malicious data theft app.

Ars Technica publishes a look at Cryptowall 2.0's advanced evasion and obfuscation features.

Cyber criminals hunt Netflix credentials.

US officials, notably DNI Clapper and NSA Director Rogers, see the Sony hack as an inflection point. Clapper tells business to wake up to China's cyber threat; Rogers foresees a greater role for Government in defending private networks. In the UK, MI5's chief warns of terrorism and calls for more extensive Internet surveillance capabilities and authorization.


Today's issue includes events affecting China, European Union, France, Germany, Iran, Ireland, Japan, Democratic People's Republic of Korea, Russia, Saudi Arabia, Switzerland, Syria, Taiwan, Ukraine, United Kingdom, United States.

Cyber Attacks, Threats, and Vulnerabilities

Charlie Hebdo: Hacker Posts "Death to Charlie" Message With ISIS Flag on French Municipality Websites (Tripwire: the State of Security) A hacker has defaced the websites of a number of French municipalities with a message in support of the Wednesday attacks against the satirical French magazine Charlie Hebdo, a massacre which killed 12 including two police officers

Reuters: Ukraine says Russia behind cyber attack on German government (Kyiv Post) Ukraine's prime minister blamed Russian intelligence on Jan. 8 for a hacker attack against German government websites, for which a pro-Russian group claimed responsibility

Inside North Korea's Naenara Browser (Threatpost) Up until a few weeks ago, the number of people outside of North Korea who gave much thought to the Internet infrastructure in that country was vanishingly small. But the speculation about the Sony hack has fixed that, and now a security researcher has taken a hard look at the national browser used in North Korea and found more than a little weirdness

Persistent hijacked GoDaddy domains serve malware via Turkish IPs (Dynamoo's Blog) Last year I wrote about a small bunch of IPs belonging to Radore Veri Merkezi Hizmetleri A.S in Turkey that seemed to be aggressively pushing an exploit kit via hijacked GoDaddy domains. Today I was slightly surprised to see that this is still going on, and in some cases using the same domains as they were all those months ago

Linux DDoS Trojan Has Obfuscating RootKit (DarkMatters) Analysts have identified a Linux DDoS Trojan with a built-in rootkit that is suspected to be building an arsenal of zombie systems that could be leveraged for distributed denial of service attacks

Got an Asus router? Someone on your network can probably hack it (Ars Technica) Root command execution bug invades most wireless routers

SocialPath privacy tool steals data, researchers warn (ComputerWeekly) The SocialPath mobile privacy tool is really a piece of mobile malware that steals users' data, researchers have warned

Thunderstrike — new Mac "ueberrootkit" could own your Apple forever (Naked Security) US-based security researcher Trammell Hudson presented an intriguing paper on Mac rootkits at the recent Chaos Computer Congress (CCC) in Germany

Inside CryptoWall 2.0: Ransomware, professional edition (Ars Technica) Code that switches from 32-bit to 64-bit and turns off Windows' defenses

Cracked Andromeda 2.06 Spreads Bitcoin Miner (Fortinet Security Research) Andromeda is a botnet that has had a long history. The latest version is now 2.09, which most active bots would have already received. Recently, however, our FortiGuard Labs Threat Intelligence system was able to capture the activities of a previous variant of Andromeda that is apparently still alive. During our analysis, we found that it is a cracked version of an old variant, and the author used it for spreading a Bitcoin miner

8chan, related sites go down in Lizard Squad-powered DDoS (Ars Technica) 8chan founder says "there is no way to know" who really attacked imageboard site

Netflix Credentials Targeted by Phishing Campaign (Softpedia) A new malicious email campaign has been observed by security researchers to target customers of Netflix by feeding them a message purporting to be an important notification from the media streaming service

Pastebin: The remote backdoor server for the cheap and lazy (Register) Web clipboard should be a mainstay of enterprise blacklists

Jan 8 New Year, Old Problems: Large-Scale Dating Site Spam Run Hits Users (TrendLabs Security Intelligence Blog) 2015 has just begun, but we're already seeing old problems crop up again — this time abusing a lot of legitimate web sites. Since the start of the year, we've been seeing a significant increase in the number of spammed messages with links that lead to various Russian dating sites

Hackers try to Blackmail Swiss Bank After Stealing Data: Report (AFP via SecurityWeek) Swiss bank BCGE said Thursday hackers had stolen the personal data of thousands of clients as a newspaper reported it was being blackmailed

Malvertising Campaign Affects 1.8 Billion (Infosecurity Magazine) The Huffington Post, Yahoo News, AOL, TMZ and many others are being hit with malvertising, in all reaching a total of 1.5 billion web visitors

ICS CP/PE (Cyber-to-Physical or Process Effects) case study paper — German Steel Mill Cyber Attack (SANS ICS) In December, 2014 the German government's Bundesamt für Sicherheit in der Informationstechnik (BSI) (translated as Federal Office for Information Security) released their annual findings report. In one case they noted that a malicious actor had infiltrated a steel facility. The adversary used a spear phishing email to gain access to the corporate network and then moved into the plant network. According to the report, the adversary showed knowledge in ICS and was able to cause multiple components of the system to fail. This specifically impacted critical process components to become unregulated, which resulted in massive physical damage

Underground hacker markets are thriving reports Dell's SecureWorks Counter Threat Unit (TechRepublic) A December 2014 security report finds that the internet's underground hacker economy is booming. This economy is doing so well that it's becoming a buyer's market

Report: More than 88 percent of cloud apps not enterprise ready (Cyber Security Business) Compromised credentials are frequently being used in enterprise cloud apps, putting sensitive business information at risk, according to a report released today by cloud app analytics company Netskope

U.K. Power Grid is Under Attack From Hackers Every Minute, Says Parliament (BusinessWeek) The U.K. government is one step ahead of hackers trying to turn off the country's lights — for now

Hacking into smart home devices is like 'stealing someone’s life' (Cable) The growth in the number of smart devices is increasing the risk of consumers having vital data stolen by hackers, US networking company Cisco has said

16-31 December Cyber Attacks Timeline (Hackmageddon) Despite still being related to December 2014, here is the first timeline for 2015, covering the main events that occurred between the 16th and 31st December 2014 (first part here)

Security Patches, Mitigations, and Software Updates

Evolving Microsoft's Advance Notification Service in 2015 (Microsoft Security Response Center) Our Advance Notification Service (ANS) was created more than a decade ago as part of Update Tuesday to broadly communicate in advance, about the security updates being released for Microsoft products and services each month. Over the years, technology environments and customer needs have evolved, prompting us to evaluate our existing information and distribution channels. This desire to improve is why customers may have seen us introduce myBulletins to provide bulletin reports tailored to customer preferences, discontinue the Deployment Priority matrix in favor of the Exploitability Index, modify the Exploitability Index to account for more threat scenarios, simplify security bulletin content to help customer understanding, and create a centralized glossary for bulletin definitions. The change being announced today fits within that context

Patch Tuesday January 2015 Preview (Qualys Blog) It is January 2015 and the week before the year's first Patch Tuesday. Microsoft should have posted their first Advance Notification (ANS) kicking off the patch cycle. But a new year brings many changes and the Advanced Notification is affected by one of them. Microsoft will stop providing the ANS information to the general public and parties interested will have to ask for it through their account manager. Hmmh, I personally have always thought that our customers were interested in the information contained in ANS, but we will see how that works out

Microsoft decision to end public advanced notice for Patch Tuesday 'shocking,' says Rapid7 (FierceITSecurity) Microsoft announced on Thursday that it will no longer make its advanced notification service for its Patch Tuesday security updates available to the public

Aw, don't be iDict! Apple kills brute force iCloud cracker (Register) Nefarious activities? I did it 'cos I could — hacker

OpenSSL Patches Eight Vulnerabilities (US-CERT) OpenSSL has released updates patching eight vulnerabilities, one of which may allow an attacker to cause a Denial of Service condition

Cyber Trends

2015: Get Ready for More Attacks on Trust (Venafi) Over the past few years, the threatscape has changed more than some realize. Cyberattackers want trusted status and they are misusing the very technologies that create trust for their nefarious purposes

Cyber attackers and defenders prepare for 2015 (Federal Times) 2014 was known as the year of the cyber breach. Forty-three percent of companies experienced a breach last year, including highly visible and damaging hacks to Sony, Home Depot, Target, and JP Morgan Chase. Unfortunately, the cyber breaches of 2014 were not an aberration, but a likely trend. Both the public and private sectors received wakeup calls from these breaches and are beginning to respond accordingly by working together

BAE Systems Applied Intelligence Reveals Top Five Predictions for 2015 (BAE Systems Newsroom) Based on its work this year in the fields of cyber security and financial crime, BAE Systems Applied Intelligence believes the following will be the top five predictions for the digital criminality landscape in 2015

2014 Hack Retrospective, Or Why Security Ecosystems Matter (TechCrunch) The "Year of the Hack" will probably be one way that 2014 will be remembered. But it actually began in 2013 with a phishing email sent to independent, mid-sized air conditioning vendor Fazio Mechanical

The coming shift in security (Help Net Security) Vendors continue to trumpet new platforms as the best way to improve enterprise-level security. Flashy spinning visualizations, added scalability and the meaningless "next-gen SIEM" or "SIEM 2.0" monikers adorn vendor websites. Big data platforms and upgraded databases provide searchable storage to help security analysts find the root cause for security incidents, provided they know what these incidents are and where to find them

Analysis of global defense-in-depth architectures (Help Net Security) Attackers are bypassing conventional security deployments almost at will, breaching systems in a wide swath of industries and geographies. That's the stark conclusion of new data gathered by more than 1,600 FireEye network and email sensors deployed in real-world networks

State of the Internet: Attack traffic, DDoS, IPv4 and IPv6 (Help Net Security) Akamai today released its latest State of the Internet report, which provides insight into key global statistics such as connection speeds and broadband adoption across fixed and mobile networks, overall attack traffic, global 4K readiness, and IPv4 exhaustion and IPv6 implementation

Akamai predicts more cheap hacking toolkits, political attacks next year (CSO) We'll be seeing more severe vulnerabilities like Shellshock and Heartbleed in 2015

Cyber Warfare Risk: What Are The Investment Impacts? (Seeking Alpha) The devastating cyber-attack against Sony and its allegedly state-sponsored origins raises several key questions with respect to the security risk for the global financial system

An Optimistic Lens on Cybersecurity (Wall Street Journal) Welcome to my first guest column of 2015, in which I will try to inspire some optimism. Fortunately, there are many signs that the world is getting better from an informational standpoint. Not only is there Big Data, but also much more interest in and availability of external data, more focus on information that provides context, and more desire for predictive analysis. Being broader in our information focus, trying to turn data into insight, and anticipating events rather than simply responding to them — all these orientations are making both companies and the world at large better places to work and live

Netskope Report Reveals High Frequency of Compromised Credentials in Enterprise Cloud Apps (PRNewswire) Netskope, the leader in safe cloud enablement, today released the January 2015 Netskope Cloud Report™ that monitors enterprise cloud app usage and trends. The report shows a continued increase in cloud app usage across enterprises, as well as the high volume at which files are being shared outside of a given organization. Most notably, the report finds that as many as 15 percent of business users have had their credentials compromised. Since up to half of users re-use passwords for multiple accounts, the likelihood of users logging into business-critical apps with these credentials is high, putting business-sensitive data at risk

Malaysia 2015: Symantec, Blue Coat, Fortinet, Axis, Citrix, InfoWatch (MIS Asia) Computerworld Malaysia presents, in completely random order, extracts of interviews and commentaries from industry leaders, which include some of the key challenges and opportunities for the ICT sector in Malaysia in 2015


US Navy Expands CANES Vendor Pool (Defense News) Two more companies have been added to the five already approved to take part in the US Navy's Consolidated Afloat Networks and Enterprise Services (CANES) program, a $2.5 billion, multi-year effort to upgrade ship-and-shore-based computer networks

US Cyber Command Draft RFP Seeks Wide Range of Services (Defense News) The Pentagon has issued a draft solicitation for an omnibus contract for a wide range of services to US Cyber Command, including support for offensive and defensive operations, and management of military networks

U.S. to lead next decade's C4ISR spending, report says (C4ISR & Networks) The emergence of asymmetric warfare and increased counterterrorism efforts will continue to fuel increased U.S. spending on interoperability and integrated solutions for the next decade, according to a recent forecast report by Strategic Defence Intelligence

Gemalto finalizes the acquisition of SafeNet (Gemalto) Gemalto (Euronext NL0000400653 - GTO), the world leader in digital security, today announces the final closing of the acquisition of SafeNet, the worldwide leader in data and software protection, after approval by the relevant regulatory and antitrust authorities

Day & Zimmermann Becomes Sole Owner of SOC LLC and Appoints New SOC President (Marketwired) Day & Zimmermann (D&Z) today announced that it has become the sole owner of SOC LLC (SOC), a leading provider of security, logistics and life support services to the U.S. Government domestically and abroad

Cloud provider Virtustream joins McAfee security alliance (ChannelBiz) The McAfee Security Innovation Alliance (SIA) partner programme is designed to promote the development of interoperable security products

Former Mandiant VP of Finance Joins AnyPresence as CFO to Manage Rapid Growth (Virtual Strategy Magazine) AnyPresence, a leading cloud-based mobile platform provider, today announced Danielle Metzler has joined the company as Chief Financial Officer reporting to Anirban Chakrabarti, Co-Founder and CEO. Mrs. Metzler assumes strategic and tactical financial responsibilities for AnyPresence's growing enterprise mobility software business

White House CIO Returns to Small Business, e-Management (Businesswire) e-Management announces former White House Chief Information Officer (CIO) Karen Britton has joined the company's leadership team as senior vice president (SVP) & chief operating officer (COO). Ms. Britton is a seasoned executive with over 25 years of experience as a strategic consultant, delivering a diverse range of IT solutions to public and private sector clients. Ms. Britton's arrival follows the company's recent spin-off of its newly created commercial unit, CyberRx, LLC, launched in the 4th Quarter of 2014 to provide cybersecurity readiness and preparedness solutions for small and medium-sized businesses looking to strengthen their cybersecurity posture

AXON Ghost Sentinel, Inc. Names Michael Markulec as President & CEO (PRWeb) AXON Ghost Sentinel, Inc. names Michael Markulec as President & CEO and updates senior leadership

ThreatTrack Security Bolsters Executive Team with Veteran Product and Sales Leadership (IT Business Net) ThreatTrack focuses on driving growth, accelerating innovation and establishing its leadership in cybersecurity

Products, Services, and Solutions

AnomalyDetection: Twitter Launches Spam and Bot Activity Detection Tool (HackRead) Twitter has launched a new tool helping administrators in detecting activity spikes in terms of info received by the service from the users. This tool is called the AnomalyDetection and it is useful for finding bot and spam activity

Redspin Launches IT Security Consulting Practice (Virtual Strategy Magazine) New service addresses the need for expert guidance on information security program development, secure cloud migration strategies, HIPAA/PCI compliance, mobile security assessments and more

LyncShield launches new authentication solution for Lync users of secure tokens (LyncShield) LyncShield has introduced a new security solution that allows users of RSA SecurityID and other secure tokens to safely connect to their organization's Lync server without using their AD (Active Directory) credentials

Cytegic Introduces Cybersecurity Maturity and Strategic Risk Management Technology to North American Markets (Marketwired) Cytegic Is the first cybersecurity management platform designed for an executive audience

BrightLine Receives Accreditation From A2LA as a FedRAMP Third Party Assessment Organization (3PAO) (Marketwired) BrightLine CPAs & Associates, Inc. is pleased to announce that it has received accreditation to maintain its Third Party Assessment Organization (3PAO) status from the American Association for Laboratory Accreditation (A2LA). A2LA is the independent accreditation body that now performs competency and independence assessments of 3PAOs as part of the Federal Risk and Authorization Management Program (FedRAMP)

Alibaba, Microsoft agree to crack down on counterfeit software (ZDNet) Alibaba Group will strengthen its anti-counterfeit measures to protect the intellectual property rights of Microsoft as part of a new memorandum of understanding

Technologies, Techniques, and Standards

What New Year’s Resolutions Should Chief Security Officers Be Making? (TechWeekEurope) The best-laid plans of mice and men often go awry, but what plans should CSOs be making this year? Here are some great suggestions along with top tips on how to see them through

Hacking with Kali: Practical Penetration Testing Techniques (TechTarget) In this excerpt of Hacking with Kali: Practical Penetration Testing Techniques, authors James Broad and Andrew Bindner outline the five phases of the penetration testing lifecycle

How to reduce the chances of distributed denial-of-service attacks (TechTarget) Distributed denial-of-service attacks are increasingly a menace for enterprises. Expert Michael Cobb discusses industry initiatives that can help enterprises reduce the occurrence and power of DDoS attacks

Deobfuscating Malicious Macros Using Python (Trustwave: SpiderLabs) Over the past few weeks, we've observed cybercriminals spamming users, particularly in the UK, using document files embedded with malicious macros masquerading as invoices. The attachment is either a Word or an Excel document file

10 Steps to Maximize your Home Wireless Network Security (Heimdall Security) We emphasized so many times we are living in an interconnected world and it is a fact we take for granted. This increasing level of connectivity between us and our devices implies not only a greater degree of physical mobility for us, but also the possibility to access the Internet in most places in the world

Design and Innovation

Internet of Things demands security by design (CIO via CSO) FTC Chairwoman Edith Ramirez takes the stage at CES to caution vendors in the hot IoT space to bake in security and privacy controls, and to give users options to limit data collection

Innovation must not come at the price of security (Help Net Security) One of the main themes to come out of CES has been the advancement of the Connected Human. Whilst we can't commute to work on a Hoverboard just yet, "Sent From My Fridge" emails are now a reality and we can expect to program our coffee machines to have an espresso waiting for us when we arrive home

New Opportunities, New Risks: The Internet of Things and Business Innovation (CIO) The Internet of Things (IoT) is creating unprecedented opportunities for both individuals and organizations to gain greater value from networked connections among people, processes, data and things

DNA For Cryptography Chips (Semiengineering) DNA markers are making counterfeit chips a lot easier to identify, and DNA chips are on the drawing board

Google Calendar's Enforced Birthdays Show The Ugly Side Of Algorithms (TechCrunch) You may recall that Google's mission is to "organize the world's information". So if you've been seeing the Birthdays of people you hardly know appearing UFO-like in your Google Calendar lately, never fear — this is just Mountain View doing its thang organizing your stuff

Research and Development

How Reverse-Engineering the Brain Could Help Machines Learn (Nextgov) Today's supercomputers and high-end machines are fast and powerful, but they don't learn well

Academia Launches U.S. Teacher Training Program In Districts With Highest Diversity (TechCrunch)'s Code Studio will be training teachers in 60 different school districts in the U.S., including the 7 largest school districts with the highest diversity in the country

Legislation, Policy, and Regulation

Official: NSA will lead fight against hacks (KRDO) NSA also taking a lead role in combating future large-scale hacks

Sony Hack Prompts U.S. Review of Public Role in Company Security (Bloomberg) The hack of Sony Pictures Entertainment has U.S. officials reassessing when and how the government should help private companies defend against digital assaults, National Security Agency Director Michael Rogers said

Preventing a 'cyber Pearl Harbor' (Washington Times) The Hollywood hack attack revealed the need to upgrade cybersecurity

US Ignores China, N. Korea Cyber Threats, Top Spy Says (Tom's Guide) American businesses need to take significant steps to prevent theft of trade secrets by Chinese spies, North Korea is "deadly serious" about harming the United States through online attacks, and federal budget cuts and the Snowden leaks have left the country less safe, Director of National Intelligence Gen. James R. Clapper said yesterday (Jan. 7)

Nation-State Cyberthreats: Why They Hack (Dark Reading) All nations are not created equal and, like individual hackers, each has a different motivation and capability

North Korea Threatens 'War Disaster' Over Sanctions (NBC News) North Korea has again condemned U.S. sanctions imposed on the country following a cyberattack on Sony Pictures Entertainment and on Wednesday demanded the restrictions be lifted

Snowden: US has put too much emphasis on cyber-offense, needs defense (Ars Technica) In PBS NOVA interview, Snowden warns that US cyber-warfare strategy could backfire

Snowden Claims U.S. Policy Is Creating A Black Market For Digital Weapons (TechCrunch) Edward Snowden says in a new interview with NOVA Next that the U.S. government wrongly promotes cyber offense strategies at the expense of weakening the system and leaving it open to cyber attacks from the black market

Euro Parliament: Time to rethink DRIP, other snoop laws (Register) Report says all blanket data retention violates EU rights

Cyber Risk: New UK Guidance Makes Ostrich Defence for Directors Even More Untenable (Willis Wire) When I blogged recently about cyber threats and the insurance response particularly from the standpoint of D&O insurance, I said: "The steps directors take to inform themselves of the risks posed to their companies and to mitigate these risks form the main planks of both their individual and their collective defences when (rather than if) something bad happens. If they do nothing, they will have little or no defence or excuse"

Secretive Private Intelligence Contractors Need Better Oversight (Defense One) The possibility of waste, fraud, and abuse exists in any government program. We minimize this risk through transparency, independent oversight and public accountability. Secret intelligence programs, however, are a different story

CISPA Cybersecurity Bill Returns (National Journal) Rep. Dutch Ruppersberger is renewing his push for cyber information-sharing legislation. Rep. Adam Schiff, an NSA critic, has replaced Ruppersberger as the top Democrat on the House Intelligence Committee. Sen. Ron Wyden reintroduced his bill to end "backdoor" NSA searches. The FCC plans to vote on accuracy rules for cellular 911 calls, and Republicans are getting desperate to find a compromise on net neutrality

Credit Union Watchdog Shoots Down Data Encryption Rule (Threatpost) Even after suffering a data breach, the organization in charge of overseeing the needs of credit unions has cast off the idea of implementing a rule mandating the use of encryption for data transfers

FCC Chief Hints He'll Enact Obama's Net Neutrality Plan (Nextgov) Federal regulators appear to be on the brink of claiming expansive powers over Internet access to protect the principle of net neutrality

On net neutrality, Internet providers are betrayed by one of their own (Ars Technica) ISPs angry after lobbyist-turned-FCC chairman suggests Title II classification

Schiff Named Top Democrat on Intelligence Panel (Roll Call) Minority Leader Nancy Pelosi announced Thursday that California Democrat Adam B. Schiff will be the next ranking member on the Intelligence Committee

Navy Official on Needs: Fewer Acquisition Regulations, More Cyber Capabilities (Roll Call) The Navy's top acquisition and R&D official on Wednesday outlined his needs, which included: no new acquisition regulations from Congress, and, in fact, fewer; more spending on cyber and electronic warfare and offensive surface warfare; and the end of the across-the-board cuts of sequestration

Litigation, Investigation, and Law Enforcement

Syria-Based Terror Cells Targeting U.K., MI5 Chief Says (Bloomberg) The U.K. has thwarted three terrorist plots in recent months, the head of the domestic intelligence agency said as he called for more resources to deal with the threat of Syria-based extremists

MI5 boss: We NEED to break securo-tech, get 'assistance' from data-slurp firms (Register) Only brief reference to Charlie Hebdo in pre-planned speech

Can cash-strapped Europe prevent terrorism surge? (CNBC) As France is left reeling from several shootings in the space of 24 hours, risk analysts and terrorism experts fear that cash-strapped Europe is ill-equipped to deal with the threat

FBI: Sony Hacker IP Addresses Used 'Exclusively' By North Korea (Infosecurity Magazine) FBI director James Comey has confirmed the agency's conviction that a destructive cyber attack on Sony Pictures was carried out by North Korea, claiming that mistakes by the hackers led the trail back to IP addresses used "exclusively" by the hermit nation

Why You Still Shouldn't Totally Trust FBI Claims On North Korean Hacking Of Sony (Forbes) FBI director James Comey today tried to shed some light on his agency's claims that North Korea was behind the Guardians of Peace cyber attacks that tore apart Sony Pictures in November and forced the cancellation of The Interview, a comedy in which the two central characters are asked to assassinate the country's leader Kim Jong-Un. But, according to security experts, it's unlikely that his fresh assertions that the hackers were sloppy and leaked data that led back to North Korea will stand up to scrutiny

Critics Say New Evidence Linking North Korea to the Sony Hack Is Still Flimsy (Wired) If the FBI's revelations on Wednesday about the sloppiness of North Korea's hackers were meant to silence critics who doubt the government's attribution for what happened to Sony, it failed

FBI's Sony Attribution: Doubts Continue (InfoRiskToday) FBI Director James Comey's Jan. 7 remarks defending the bureau's attribution of the hack attack against Sony Pictures Entertainment to "North Korea actors" haven't silenced many information security experts, who say they remain unconvinced there's enough evidence to attribute the attack to anyone

ISIS loyalists hack local media, spark FBI investigation (Russia Today) The FBI is investigating a group dubbed the 'Cyber Caliphate' after it allegedly hacked websites and social media accounts belonging to a local Maryland television station and a New Mexico newspaper

Impossible Attribution, Aaron Swartz, and Deterring Cybercrime: An Interview with Peter Toren (HackSurfer) The recent cyber-attack against Sony has raised a few legal questions heading into the new year. For example, Sony threatened news outlets for publishing its stolen intellectual property (IP) sparking a debate over the ethics of publishing that material and the attribution of the attack being North Korea continues to be questioned by some experts

Why the Silk Road Trial Matters (Wired) Ross Ulbricht is finally getting his day in court, 15 months after plainclothes FBI agents grabbed him in the science fiction section of a San Francisco library and accused him of running the billion-dollar online drug bazaar known as the Silk Road. It's a day that anyone who cares about crime, punishment and privacy in the shadows of the internet will be watching

Stingray debate doesn't get its day in court ( Baltimore) There won't be any hearings in open court about Baltimore's use of the Stingray device to secretly track cell phone data, thanks to a pair of plea deals struck Wednesday

Saudi blogger to be publicly flogged today (Emirates 24/7) For his 1,000 lashes, Badawi is to receive 50 lashes every week for 20 weeks

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

CYBERWEST: the Southwest Cybersecurity Summit (Phoenix, Arizona, USA, March 25 - 26, 2015) The purpose of CYBERWEST is to bring together Government and businesses to: Exchange information and learn in areas of policy and strategy; technology and R&D; workforce training and education; and economic,...

REcon 2015 (Montréal, Québec, Canada, June 19 - 21, 2015) REcon is a computer security conference with a focus on reverse engineering and advanced exploitation techniques. It is held annually in Montreal, Canada. The conference offers a single track of presentations...

Upcoming Events

Cybersecurity World Conference (New York, New York, USA, January 9, 2015) Welcome to Cyber Security World Conference 2015 where renowned information security experts will bring their latest thinking to hundreds of senior business executives and officials focused on protecting...

U.S. Commercial Service Market Briefings on Europe's Cyber Security & IT Market (Washington, DC, USA, January 12, 2015) Join the U.S. Commercial Service Market Briefings on Europe's Cyber Security & IT Market. The value of the global cyber security market is expected to grow by 11.3% each year, reaching $120 billion by...

FloCon 2015 (Portland, Oregon, USA, January 12 - 15, 2015) FloCon is an open network security conference organized by Carnegie Mellon University

National Cybersecurity Center Of Excellence (NCCOE) Speaker Series: Security In A Cyber World (Rockville, Maryland, USA, January 14, 2015) The National Cybersecurity Center of Excellence (NCCoE) Speaker Series showcases global thought-leaders to highlight critical cybersecurity issues of national importance. The keynote speaker will be Chris...

California Cybersecurity Task Force Quarterly Meeting (Walnut Creek, California, USA, January 20, 2015) The California Cyber Security Task Force serves as an advisory body to California's senior government administration in matters pertaining to Cyber Security. Quarterly Cybersecurity Task Force meetings...

FIC 2015 (Lille, France, January 20 - 21, 2015) The International Cybersecurity Forum (FIC) forms part of a thinking and exchange process that aims at promoting a pan-European vision of cybersecurity and strengthening the fight against cybercrime, a...

IARPA Proposers' Day for the Cyber-attack Automated Unconventional Sensor Environment (CAUSE) Program (Washington, DC, metropolitan area, January 21, 2015) The Intelligence Advanced Research Projects Activity (IARPA) will host a Proposers' Day Conference for the Cyber-attack Automated Unconventional Sensor Environment (CAUSE) Program on January 21, 2015,...

4th Annual Human Cyber Forensics Conference: Exploring the Human Element for Cloud Forensics (Washington, DC, USA, January 21 - 22, 2015) The Human Cyber Forensics Conference addresses the human element of cyber. Presentations will look at the tradecraft and efforts required to identify, understand, navigate, and possibly influence human...

AppSec California (Santa Monica, California, USA, January 26 - 28, 2015) OWASP's AppSec California goes beyond "security for security's sake" bringing application security professionals and business experts together with the objective of sharing new information that helps get...

Cyber Security for Critical Assets: Chemical, Energy, Oil, and Gas Industries (Houston, Texas, USA, January 27 - 28, 2015) Cyber Security for Critical Assets Summit will connect Corporate Security professionals with Process Control professionals and serve to provide a unique networking platform bringing together top executives...

Data Privacy Day San Diego — The Future of IoT and Privacy (San Diego, California, USA, January 28, 2015) Join the Lares Institute, Morrison & Foerster, and the National Cyber Security Alliance for Data Privacy Day in San Diego. DPD San Diego will bring together privacy luminaries to discuss fundamental issues...
