skip navigation

More signal. Less noise.

Daily briefing.

Various Islamist factions compete for discredit as they claim the Charlie Hebdo massacres and use of children as executioners.

Fast becoming as familiar (and perhaps as decentralized in use) as the Anonymous Guy Fawkes mask, the CyberCaliphate's checkered shemagh defaces North Korea's Air Koryo Facebook page.

Speculation about hacktivists behind the compromise of US CENTCOM's social media accounts continues to focus on a disaffected Brummie, Jumaid Hussein al-Britani, former Midlands jailbird, current whereabouts unknown, but possibly somewhere in the Levant. His wife said last week he was killed by a drone, but few believe this. The US Army says the CENTCOM hack exposed a "significant number" of retired generals' personal information.

Sucuri reports a vulnerability in Vbulletin to PHP code insertion.

Microsoft researchers detail the most recent enhancements to CryptoWall.

Brazilian banking customers struggle with what observers call a "virtual mugging" that uses the KL-Remote exploit toolkit.

Malvertising with convincing spoofs of legitimate publications is found in Google AdSense. Online advertiser Tum uses an undeletable Verizon tracking number to spawn "zombie cookies." Tum says Verizon told them it was o.k.

American and United airline frequent fliers' user accounts are compromised and miles are reported stolen.

UK PM Cameron will push his widely-criticized views on encryption during his summit with US President Obama. The President's own cyber proposals receive weaker reviews today: observers see RICO prosecutions for innocent online activity, with civil liberties protected only by prosecutorial discretion. (Still, some like the parts granting immunity for sharing data with the Government.)

A note to our readers: the CyberWire will observe Martin Luther King Day and not publish Monday. We'll resume regular publication on Tuesday, January 20.

Notes.

Today's issue includes events affecting Australia, Brazil, Canada, China, Côte d'Ivoire, Germany, India, Japan, Democratic Peoples Republic of Korea, Malaysia, Russia, Syria, Sweden, United Kingdom, United States, and Vietnam.

Cyber Attacks, Threats, and Vulnerabilities

Disputed Claims Over Qaeda Role in Paris Attacks (New York Times) The younger of the two brothers who killed 12 people in Paris last week most likely used his older brother's passport in 2011 to travel to Yemen, where he received training and $20,000 from Al Qaeda's affiliate there, presumably to finance attacks when he returned home to France

IS 'Child Executioner' Reports Blocked, Played Down In Central Asia (Radio Free Europe/Radio Liberty) Central Asian news outlets are playing down reports of a video that appears to show a Kazakh child militant executing two men. Some stories have been blocked entirely

Pro-Isis hackers attack North Korean airline Facebook page (Guardian) Hackers post image of black and white flag of Islamic State and brand Kim Jong-un a 'crying pig' on page promoting Air Koryo

CENTCOM Twitter hackers posted info for many retired generals (Military Times) The Army is contacting a "significant" number of retired general officers whose personal information was posted online when hackers took over U.S. Central Command's Twitter account Monday, an Army official said

Meet the Star-Crossed Lovers Behind the Islamic State's Centcom Hack (Foreign Policy) When a group calling itself the "CyberCaliphate" breached Centcom's Twitter and YouTube accounts and flooded both with pro-Islamic state messages and videos earlier this week, American law enforcement officials raced to find out who was responsible for the attack. The main suspects: a group led by Junaid Hussain, a 20-year-old who moved from Britain to Syria — accompanied by his 45-year-old alt-rock girlfriend — to kick-start the Islamic State's hacking campaign

VBulletin SEO Module Has "Critical" Flaw, Says Sucuri (Computer Business Review) Bug could lead to PHP code insertion and malicious follow-up

Ouch! Home router security "bypass" actually means no security AT ALL (Naked Security) About two years ago, a Spanish security researcher named Eduardo Novella found an astonishing bug in the Pirelli P.DGA4001N routers that were used by a Spanish ISP

What Can Happen If Your Organization Is Targeted (Fortinet Security Research Blog) A few weeks ago, we received a file that was being spread as an attachment in a spear phishing email. The sample, which we are detecting as W32/Byanga.A!tr, turns out to be a dropper for a bot which, if active in an organization's system, has the capability to perform malicious activities that can be very damaging to the targeted organization

CryptoWall 3.0 hides C&C Communications with I2P Anonymity Network (Security Affairs) Security Experts at Microsoft discovered a new variant of CryptoWall 3.0 ransomware that adopts I2P Anonymity Network for C&C Communications

CryptoWall ransomware is back with new version after two months of silence (IDG via CSO) Attackers have started distributing a new and improved version of the CryptoWall file-encrypting ransomware program over the past few days, security researchers warn

Bank Fraud Toolkit Circumvents 2FA & Device Identification (Dark Reading) KL-Remote is giving Brazilian fraudsters a user-friendly "virtual mugging" platform

Google AdSense Used for Malvertising Campaign (Softpedia) Advertisements redirecting users to scam websites impersonating reputable magazines and blogs that touted shady health products have been spotted in Google's AdSense program

Fake BBC News Site Baits Victims with Charlie Hebdo Misinformation (Infosecurity Magazine) A suspicious site that was attempting to mimic the official BBC News website while serving up false information about the Charlie Hebdo tragedy managed to garner an immense amount of traffic earlier this week — with the likely intent to deceive and perhaps harm visitors via malicious file downloads or through click-fraud

Zombie cookie: The tracking cookie that you can't kill (Ars Technica) Online ad company uses cookies that come back to life after Verizon users delete them

Ham-fisted phishing attack seeks LinkedIn logins (IDG via CSO) LinkedIn users targeted by slippery phishing campaign

Park 'N Fly, OneStopParking Confirm Breaches (KrebsOnSecurity) Late last year, KrebsOnSecurity wrote that two huge swaths of credit card numbers put up for sale in the cybercrime underground had likely been stolen from Park 'N Fly and from OneStopParking.com, competing airport parking services that lets customers reserve spots in advance of travel via Internet reservation systems. This week, both companies confirmed that they had indeed suffered a breach

Hackers enjoying free rides after hacking thousands of American, United airlines accounts (HackRead) Countless American and United airlines' User Accounts Stolen by Hackers — dozens of free trips booked as hackers retrieve user ids and passwords via third party source

Anonymous Wages War on Montréal Police for Dismantling Homeless village (HackRead) The online hacktivist Anonymous has sent a threatening message to the Service de Police de la Ville de Montréal (SMPV) and Montreal police against bulldozing of a homeless camp set up by Anonymous in Viger Square for OpSafeWinte

Anatomy Of A 'Cyber-Physical' Attack (Dark Reading) Inflicting major or physical harm in ICS/SCADA environments takes more than malware

Security Patches, Mitigations, and Software Updates

Mozilla Releases Security Updates for Firefox, Firefox ESR, SeaMonkey, and Thunderbird (US-CERT) The Mozilla Foundation has released security updates to address multiple vulnerabilities in Firefox, Firefox ESR, SeaMonkey, and Thunderbird. Exploitation of these vulnerabilities may allow a remote attacker to take control of an affected system

Insta-sham: Instagram fixes its not-so-private photo bug… well, sort of (Naked Security) Instagram has fixed a privacy flaw that allowed anyone with the URL to see photos and videos posted on the service, even if the user's account was set to private. At least, it has kind of fixed it

Microsoft accused of money-grabbing with Patch Tuesday reform (V3) Microsoft's decision to cease Patch Tuesday notices to non-premier customers is a greed-induced step backwards for the firm's security efforts, according to security experts

Cyber Trends

Five key security, identity and access management trends (Help Net Security) CA Technologies announced five key trends for security and identity and access management (IAM) that will impact organizations and security professionals in 2015 as they compete in the application economy

2014 cyberattack victims in the crosshairs again, warns SANS' Eric Cole (FierceCIO) The big news in IT security in 2015 will not be the newest Fortune 1000 cyberattack victim. Instead, expect the cybercriminals to return to the scene of the crime, and re-attack one of last year's top victims

Check-the-Box Mentality Exposes Banks to Big Cyber Risks (American Banker) The year of 2014 will be remembered as the year of the data breach. Hackers struck numerous large corporations, from Target to Home Depot to JPMorgan Chase

The 7 biggest lies you've been told about hacking (Daily Dot) Online security is increasingly an issue rich for headlines as everyone from movie studios and celebrities to major retailers and CENTCOM find themselves the victims of digital infiltrators. However, "hacking" is also a very technical issue and, like many technical issues, one the media often gets wrong

Developers, the Cloud, and Security Concerns (Cloud Tweaks) So I got to thinking about security and how this relates to developers in particular. This was prompted by a recent read of the findings reported in a survey, "2014: The Year of Encryption" conducted by Egress Software Technologies, of delegates at Europe's largest information security event Infosecurity Europe 2014. And you know the first and almost overwhelming thought that struck me was how important security should be for these folk

Computer viruses cost Vietnamese users almost $400mn in 2014: Bkav (Tuoi Tre News) Malicious software programs, or viruses, caused damage worth nearly US$400 million to Vietnamese computer users last year, a local Internet security firm said Tuesday

Malaysian companies indifferent to cyber security, says solutions firm (Malaysian Insider) Many Malaysian companies adopt a stopgap attitude when it comes to investing in cyber security measures, a solutions company said today

Coffee, Wi-Fi and the Moon (Atlantic Council: the Art of Future Warfare) The unknown story of the greatest cyber war of them all

'Blackhat' director Michael Mann has a worst-case cyber-attack scenario for you (HitFix) A half-hour sitting across a table from Michael Mann is more than enough time to remind you of all the stuff you don't know. A consummate researcher-filmmaker, he never puts something out into the creative ether without knowing it inside and out, without knowing its world, its players — everything that needed to exist in order to birth it in the first place, he's canvased it. So no, he wasn't shocked to hear that last month, corporate giant Sony had been maliciously hacked leaving privileged information scattered to the public

Marketplace

Here's how insurance will respond to the Sony cyber hack (Insurance Business America) The Sony Pictures cyber attack of seven weeks ago represented a game-changer in the recent string of data breaches that have plagued high-profile companies like Target, Home Depot and Dairy Queen. With repercussions ranging from entertainment industry rumors to potential matters of national security, the breach was a strong reminder of just what’s at risk when hackers attack

Symantec Acquires Boeing's Cybersecurity Unit in a Bid to Boost Big Data Capabilities (Forbes) Symantec Corp. announced on January 12 that it is taking over 65 engineers and data scientists from Boeing's cybersecurity unit, Narus. Boeing will retain ownership of Narus' licenses and intellectual property, which will be licensed by Symantec. Terms of the deal were not disclosed

KPMG makes third cyber security acquisition in four months (KPMG via LinkedIn) We've just announced that KPMG Finland has acquired 100% of Trusteq Oy, a 45 strong Finnish cyber security consulting company specializing in identity and access management services and security transformation projects

BlackBerry says $7.5 billion Samsung takeover deal is bogus [Updated] (Ars Technica) BlackBerry stock jumped a crazy 30 percent after the news

EMC Restructures RSA; Coviello Says Split From EMC Federation Unlikely (CRN) EMC has laid off management and sales staff as part of an overhaul of its RSA security division, according to people familiar with the matter

Exclusive: FireMon will hire 100 in 2015, doubles office space after sale (Kansas City Business Journal) A new owner with tech clout and hefty resources is enabling significant growth for Overland Park-based FireMon LLC

Microsoft Welcomes Cylance Into The Antivirus Club (Forbes) When I think of antivirus there are specific vendors and tools that come to mind: Symantec, McAfee, Panda Security, BitDefender, and others. Microsoft is expanding the definition of "antivirus", though, by inviting Cylance to join the Microsoft Virus Initiative (MVI) and Virus Information Alliance (VIA) — groups organized by Microsoft to coordinate antimalware efforts, and provide effective security for Microsoft customers

Palo Alto Networks warns of lengthening channel lead times (CRN) Next-generation firewall unable to meet standard two-week guarantee on orders, according to email sent to partners today

Digital security company Gemalto expands operations to Ivory Coast (Human IPO) One of the world's leading digital security companies Gemalto has announced further operational expansion in Africa with the commencement of operations in Abidjan, Côte d'Ivoire

Trailblazing Secure Managed Cloud Provider FireHost Appoints Longtime Security Veteran Dr. Parveen Jain to Board of Directors (Herald Online) Secure managed cloud leader FireHost has appointed industry veteran Dr. Parveen Jain to its board of directors

Products, Services, and Solutions

2014 Top Security Tools as Voted by ToolsWatch.org Readers (ToolsWatch) We are honored to announce the 2014 Top Security Tools as Voted by ToolsWatch.org Readers, this is the second edition of our online voting by users and readers

Peerio — End-to-End Encrypted Secure Messenger and File Sharing App (Hacker News) On one end, where governments of countries like Russia is criticizing end-to-end encryption and considering to ban the encrypted communication apps like Snapchat, CryptoCat, WhatsApp and Apple's iMessage. On the other hand, the Internet community has come up with a new and rather more secure encrypted communication app

Watching A Cyberattack Bloom: vArmour Visualizes The Data Breach (Xconomy) Financial firm Morgan Stanley is the latest big company forced to acknowledge a data breach, after finding to its horror early this month that the names and account numbers of thousands of its wealthy investment clients had been posted on the Internet. The New York firm follows entertainment giant Sony and a long list of other apparent cybercrime victims, whose vulnerability leaves other businesses wondering what bugs and cracks might lie undetected in their own computer systems

New Cyber Service Investigates Behavior Of Specific Threats (HS Today) As complex operations become an increasingly frequent feature of contemporary cyber crime, Kaspersky Lab has launched an online service that brings together all the information it holds on the most sophisticated cyber campaigns. The interactive Targeted cyberattacks logbook project displays Kaspersky's research and analysis

Fasoo Launches Secure Content Service for Dropbox Users to Prevent Security Breaches (Virtual Strategy Magazine) Folder Cryptor for Dropbox provides secure management of folders in Dropbox to protect personal files in the cloud

Fpweb.net and Incapsula Team to Secure Global SharePoint Customers (MarketWatch) Incapsula WAF and Global CDN enhances performance for Fpweb.net's 1,500 customers across 80 countries

Cimcor Releases CimTrak Version 2.0.6.18.1; Builds on Heritage of Integrity Monitoring Innovation (IT Business Net) The latest update to Cimcors CimTrak file integrity monitoring and compliance solution version 2.0.6.18.1 includes a host of improvements to make change detection easier than ever for your IT staff

South River Technologies Combines Managed File Transfer and Enterprise File Sharing in New Cornerstone MFT (Marketwired) New release enables better IT oversight and reduces security risk, while providing an easy solution for user productivity

Haystax and Franz Inc. Partner to Deliver Insider Threat Detection Solutions (Virtual Strategy Magazine) Haystax Technology, Inc., and Franz Inc., announced a technology partnership that will enable Haystax to leverage Franz's AllegroGraph technology for patented algorithms and sophisticated behavior models used in Haystax's insider threat detection solutions

LinkedIn Selects Proofpoint's Nexgate Division for Certified Compliance Partner Program (MarketWatch) Nexgate's advanced social media security and compliance solutions add best-in-class LinkedIn functionality

NICE Systems, CloudScann partner on mobile app deployed by NJ TRANSIT (Urgent Communications) NICE Systems and CloudScann announce an integrated solution that lets users document incidents in the field via their smartphones and enable two-way transmissions of text, photo and video information with a centralized command center

ESET launches ESET NOD32 Antivirus 8 and ESET Smart Security 8 (Technuter) ESET, the global player in proactive digital protection, has announced the latest versions of its flagship security software products: ESET NOD32 Antivirus 8 and ESET Smart Security 8. The latest line-up includes Botnet Protection and Enhanced Exploit Blocker that protects against exploits and offer anti-phishing and social media scanning capabilities

IBM Launches z13 Mainframe — Most Powerful and Secure System Ever Built (PRNewswire) First system able to process 2.5 billion transactions per day, built for mobile economy. Makes possible real-time encryption on all mobile transactions at scale. First mainframe system with embedded analytics providing real time transaction insights 17X faster than compared competitive systems at a fraction of the cost

WatchGuard Earns Top Spot in Network World Product Shootout for UTM Firewall Appliances (PRNewswire) WatchGuard's Firebox® T10 stands out with its real-time visibility tool Dimension™, great user management interface, and new services like Advanced Persistent Threat protection

Technologies, Techniques, and Standards

ISO floats storage security standard (Register) ISO/IEC 27040:2015 is bedtime reading for storage admins

5 questions to ask before a breach happens (CSO) Use these five questions to start the conversations necessary to 'assume breach' and plan ahead

Strategy: Planning and Recovering From a Data Breach (SecurityWeek) 2014 was a terrible, horrible, no good, very bad year for cyber attacks. Target's point-of-sale attack in late 2013 proved to be a common breach theme in 2014, targeting retailers such as Michaels, Kmart, Home Depot, and Neiman Marcus. Attackers also began targeting cloud applications, from Apple iCloud to Salesforce (Zeus variant and Dyreza) to Office 365. The recent Sony Pictures breach also demonstrated attackers' turn for the malicious, from sending threatening employee emails and demanding ransom to creating malware focused not just on exfiltration but on destroying data

Getting Employee Security Awareness Training Right (SecurityWeek) Time after time, attackers seem to find ways to get users to open an attachment

CapTipper — Malicious HTTP traffic explorer tool (Omri Herscovici) CapTipper is a python tool to analyze, explore and revive HTTP malicious traffic. CapTipper sets up a web server that acts exactly as the server in the PCAP file, and contains internal tools, with a powerful interactive console, for analysis and inspection of the hosts, objects and conversations found

Dynamic Malware Analysis with REMnux v5 — Part 1 (Count Upon Security) Part 1 illustrates a series of very useful tools and techniques used for dynamic analysis. Security incident handlers and malware analysts can apply this knowledge to analyze a malware sample in a quick fashion using the multi-purpose REMnux v5. This way you can extract IOCs that might be used to identify the malware across your defense systems and aid your incident response actions

Design and Innovation

Competition: Design the UK’s crypto-open-backdoor stamp of approval! (Graham Cluley) If David Cameron is re-elected as British Prime Minister in May, he plans to introduce legislation that will get rid of all that pesky security that prevents the law enforcement agencies from snooping on secure communications

Academia

Nysmith Students Meet Cyber Defense Challenge (Connection) Two teams of middle school students from The Nysmith School of Herndon recently finished second and 12th out of 200 U.S. and Canadian teams participating in the seventh Annual CyberPatriot National Youth Cyber Defense Competition. The program puts students in the position of newly-hired IT professionals and challenges them to find and resolve cybersecurity vulnerabilities in simulated environments

Legislation, Policy, and Regulation

David Cameron to press Barack Obama on security fears (Financial Times) David Cameron will seek Barack Obama's support this week for a push to improve co-operation between intelligence agencies and technology companies such as Twitter and Facebook, warning the president that public safety is at stake

US mulls more sanctions even as North Korea denies cyber attack on Sony (Big News Network) The United States is contemplating a new set of sanctions against North Korea over its alleged involvement in the massive cyber attack on Sony even as the reclusive nation repeatedly denied any role

Syria urges intelligence sharing to fight terrorism: state media (Reuters) Syrian President Bashar al-Assad urged states fighting terrorism to share intelligence, Syrian state media reported on Wednesday, saying European policies were responsible for attacks by Islamist gunmen in France last week

Prime minister wrong on encryption say experts (SC Magazine) Prime minister David Cameron's perceived criticism of encryption technologies has prompted a staunch defence from the information security community

Australia tries to ban crypto research — by ACCIDENT (Register) Academics could risk JAIL under defence trade laws starting in May

FACT SHEET: Safeguarding American Consumers & Families (White House: Office of the Press Secretary) Today, President Obama will build on the steps he has taken to protect American companies, consumers, and infrastructure from cyber threats, while safeguarding privacy and civil liberties. These actions have included the President's 2012 comprehensive blueprint for consumer privacy, the BuySecure initiative — launched last year — to safeguard Americans' financial security, and steps the President took earlier this year by creating a working group of senior administration officials to examine issues related to big data and privacy in public services and the commercial sector

Sony hack gives Obama political capital to push cybersecurity agenda (Christian Science Monitor) In gridlocked Washington, the aftereffects of the cyberattack on Sony Pictures may ultimately forces Republicans and Democrats to come together on an information-sharing bill

Obama wants Congress to increase prison sentences for hackers (Ars Technica) Proposal also expands hacking definition. That's a "dangerous idea," expert says

Obama's War on Hackers (Errata Security) In next week's State of the Union address, President Obama will propose new laws against hacking that could make either retweeting or clicking on the above link illegal. The new laws make it a felony to intentionally access unauthorized information even if it's been posted to a public website. The new laws make it a felony to traffic in information like passwords, where "trafficking" includes posting a link

Obama Security Proposals 'Will Create Cyber Police State' (Forbes) Another of Obama's recommendations could see offenses covered by the CFAA included in prosecutions under the Racketeering Influenced and Corrupt Organizations Act. According to Graham, just being linked to a hacker group would land you in danger of a 20-year prison sentence. As many innocent researchers and interested parties hang around in the same chatrooms and forums as criminal hackers, this could again ensnare many who don't deserve to have their online activities criminalised

Obama's cybersecurity plans part of decade-old programs (AP via the Longview News-Journal) President Barack Obama said Tuesday that recent cyberthreats to Sony and the military's U.S. Central Command are reminders of the serious threats facing the nation. But an Associated Press review shows that some of his plans are retreads from years past

Experts: Obama's Calls for New Cybersecurity Laws a Good Start, but Nation Needs More (SIGNAL) President Barack Obama has put the cybersecurity ball into Congress' court, seeking legislation that pushes what some industry experts have clamored for in the quest to better protect the nation's information network

Senator to introduce data breach bill (The Hill) Sen. Bill Nelson (D-Fla.), the ranking member on the Senate Commerce Committee, will soon introduce a data breach notification bill that closely resembles a proposal President Obama called for during a Monday speech

Remarks as delivered by DNI James R. Clapper on "National Intelligence, North Korea, and the National Cyber Discussion" at the International Conference on Cyber Security (Office of the Director of National Intelligence) It's great to be here after fighting the snow traffic in Washington to get to the airport, and then flying here

The Futile Effort to Determine When a Cyber Incident Becomes an Armed Attack (Council on Foreign Relations) As Adam mentioned the other day, the Sony hack highlighted the fact that even after years of debates and increased public attention on cyber issues, fundamental policy questions in this area remain unanswered

Michael Daniel: Cybersecurity's many moving parts (Federal Times) Michael Daniel was a long-time national security budget official at the Office of Management and Budget before being tapped in 2012 to oversee the interagency development and implementation of national cybersecurity strategy and policy, leading to President Obama's 2013 milestone signing of Executive Order 13636

In OPM cyber breach, security experts spy fundamental problem (Federal News Radio) While it's far from a full-fledged cyberattack, the "technical malfunction" that besieged an Office of Personnel Management Web portal Monday underscores a governmentwide problem that, experts say, is not easy to fix

NSA Official: Support for Compromised Dual EC Algorithm Was 'Regrettable' (Threatpost) In a new article in an academic math journal, the NSA's director of research says that the agency's decision not to withdraw its support of the Dual EC_DRBG random number generator after security researchers found weaknesses in it and questioned its provenance was a "regrettable" choice

Thornberry Gives Intel Oversight to Full HASC (DefenseNews) The newly minted House Armed Services Committee chairman is putting his mark on the panel, shifting oversight of military intelligence to the purview of the full committee

DISA releases security guidance in implementing, hosting cloud services for DoD agencies (FierceGovernmentIT) The Defense Information Systems Agency Jan. 13 publicly released guidance that updates and codifies enhanced cybersecurity requirements for implementing and hosting cloud computing systems for certain types of sensitive Defense Department data

Department of Defense (DoD) Cloud Computing Security Requirements Guide (SRG) (Defense Information Systems Agency) Cloud computing technology and services provide the Department of Defense (DoD) with the opportunity to deploy an Enterprise Cloud Environment aligned with Federal Department-wide Information Technology (IT) strategies and efficiency initiatives, including federal data center consolidation

DISA Shrinks Cybersecurity To Grow It (Breaking Defense) The day before Islamic radicals hijacked Central Command's Twitter account, the Defense Information Systems Agency officially launched a major overhaul intended, among other things, to increase cybersecurity

Alert: The Regulation of Virtual, Digital and Crypto-currencies (JDSupra Business Advisor) A virtual currency is "a digital representation of value that is neither issued by a central bank or public authority nor necessarily attached to a [fiat currency], but is used by … persons as a means of exchange and can be transferred, stored or traded electronically"

What regulations meant to govern rotary phones could do when applied to the internet (Quartz) In the midst of the gonzo traffic of back-flipping mini-drones, driverless cars and football fields of mobile internet fueled innovation at the Consumer Electronics Show in Las Vegas last week — FCC chairman Tom Wheeler sounded downright presidential

Should Intelligence Officers be 'Hunters' or 'Gatherers'? (Cicero Magazine) Senior American leaders, from President Obama on down, and the U.S. intelligence community as a whole were caught flatfooted

Shakeup at Secret Service; 4 executives reassigned (AP via KLTV) Four of the highest-ranking Secret Service executives have been reassigned following a series of security mishaps and scathing reports questioning leadership within the agency, the Secret Service said Wednesday

UK's Defense Export Chief To Step Down (DefenseNews) The head of the British government's £13 billion a year defense and security equipment export organization is to stand down

Activist pulls off clever Wi-Fi honeypot to protest surveillance state (Ars Technica) "All traffic that occurred via our wireless network has been logged"

Litigation, Investigation, and Law Enforcement

Thousands of German spies at risk after double-agent stole list of identities (Telegraph) Double agent working for US, identified only as Markus R, may have sold top-secret details of 3,500 German intelligence officers posted abroad, according to Bild newspaper

MI6 forced to show how it may snoop on privileged lawyer-client exchanges (Guardian) Documents passed to civil liberties group Reprieve reveal intelligence agency's attempt to show it stays within the law

CIA board breaks with watchdog, clears agency of spying on Senate (The Hill) In a break with its former inspector general and overseers on Capitol Hill, a CIA accountability board has determined that agency officials did not wrongly spy on the Senate early last year

Undercover Agent Reveals How He Helped the FBI Trap Silk Road's Ross Ulbricht (Wired) The FBI agents who arrested Ross Ulbricht in the science fiction section of a San Francisco public library in October of 2013 left nothing to chance

Government Demands for Verizon Customer Data Drop (Threatpost) The number of subpoenas, total orders and warrants that the United States government delivered to Verizon all dropped in the second half of 2014, according to the company's latest transparency report

Reddit user cracks The Pirate Bay secret code (HackRead) The Pirate Bay (TPB), an online index of digital contents that went down on Dec 9 after police raided its data center in Sweden, has been dropping hints that February 1 will be a grand day

Money laundering finds new home in trade finance arena (FierceCFO) As regulators crack down, corporates need to take a closer look

Sextortionist who preyed on teens via Facebook and Skype gets 53 months (Naked Security) A Scottish sextortionist who preyed on victims as young as 13 has been sentenced to 53 months in jail and three years of monitoring after that

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

ShmooCon (Washington, DC, USA, January 16 - 18, 2015) ShmooCon is an annual east coast hacker convention hell-bent on offering three days of an interesting atmosphere for demonstrating technology exploitation, inventive software and hardware solutions, and...

Upcoming Events

FloCon 2015 (Portland, Oregon, USA, January 12 - 15, 2015) FloCon is an open network security conference organized by Carnegie Mellon University

California Cybersecurity Task Force Quarterly Meeting (Walnut Creek, California, USA, January 20, 2015) The California Cyber Security Task Force serves as an advisory body to California's senior government administration in matters pertaining to Cyber Security. Quarterly Cybersecurity Task Force meetings...

FIC 2015 (Lille, France, January 20 - 21, 2015) The International Cybersecurity Forum (FIC) forms part of a thinking and exchange process that aims at promoting a pan-European vision of cybersecurity and strengthening the fight against cybercrime, a...

IARPA Proposers' Day for the Cyber-attack Automated Unconventional Sensor Environment (CAUSE) Program (Washington, DC, metropolitan area, January 21, 2015) The Intelligence Advanced Research Projects Activity (IARPA) will host a Proposers' Day Conference for the Cyber-attack Automated Unconventional Sensor Environment (CAUSE) Program on January 21, 2015,...

4th Annual Human Cyber Forensics Conference: Exploring the Human Element for Cloud Forensics (Washington, DC, USA, January 21 - 22, 2015) The Human Cyber Forensics Conference addresses the human element of cyber. Presentations will look at the tradecraft and efforts required to identify, understand, navigate, and possibly influence human...

AppSec California (Santa Monica, California, USA, January 26 - 28, 2015) OWASP's AppSec California goes beyond "security for security?s sake" bringing application security professionals and business experts together with the objective of sharing new information that helps get...

Cyber Security for Critical Assets: Chemical, Energy, Oil, and Gas Industries (Houston, Texas, USA, January 27 - 28, 2015) Cyber Security for Critical Assets Summit will connect Corporate Security professionals with Process Control professionals and serve to provide a unique networking platform bringing together top executives...

Data Privacy Day San Diego — The Future of IoT and Privacy (San Diego, California, USA, January 28, 2015) Join the Lares Institute, Morrison & Foerster, and the National Cyber Security Alliance for Data Privacy Day in San Diego. DPD San Diego will bring together privacy luminaries to discuss fundamental issues...

Cyber Threat Intelligence Summit (Washington, DC, USA, February 2 - 9, 2015) Join SANS for this innovative event as we focus on enabling organizations to build effective cyber threat intelligence analysis capabilities

Suits and Spooks (Washington, DC, USA, February 4 - 5, 2015) Suits and Spooks DC (Feb 4-5, 2015) is moving to the Ritz Carlton hotel in Pentagon City! We're expanding our attendee capacity to 200 and for the first time will be including space for exhibitors. We...

Nullcon 2015 (Goa, India, February 4 - 7, 2015) Nullcon discusses and showcase the future of information security, next-generation of offensive and defensive security technology as well as unknown threats

ICISSP 2015 (Angers, Loire Valley, France, February 9 - 11, 2015) The International Conference on Information Systems Security and Privacy aims at creating a meeting point of researchers and practitioners that address security and privacy challenges that concern information...

2015 Cyber Risk Insights Conference — London (London, England, UK, February 10, 2015) The cyber threat landscape is undergoing rapid change. Lloyd's and the London market are at the forefront of developing insurance products to address the evolving exposures of organizations throughout...

AFCEA West 2015 (San Diego, California, USA, February 10 - 12, 2015) Showcasing emerging systems, platforms, technologies and networks that will impact all areas of current and future Sea Service operations.

Cybersecurity: You Don't Know What You Don't Know (Birmingham, Alabama, USA, February 24 - 25, 2015) What: Connected World Conference in partnership with University of Alabama at Birmingham's Center for Information Assurance and Joint Forensics Research (The Center) have teamed up to bring professionals...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.