The CyberWire Daily Briefing for 12.4.2012
Iranian hackers Parastoo again hit the International Atomic Energy Agency with a view to embarrassing both the IAEA and Israel. Pakistani members of Anonymous attack a very broad array of targets across the world "for various reasons." New Mac malware—"Dockster"—is found on the Dalai Lama's Websites. (Volokh Conspiracy blawgers note Sichuan University's past involvement in attacks on Tibetan activists.)
MySQL zero-days are announced, but many security experts doubt the vulnerabilities amount to much. A "blended threat" targets Yahoo developer features to steal user data. Reveton and Citadel impersonate the FBI in a ransomware scheme. Some US traffic monitoring systems show "insufficient entropy" in authentication key generation, and are vulnerable to man-in-the-middle attacks. The black market now offers a convenient malicious domain registry. A Tumblr worm spreads rapidly, distributing a viral text.
From his embassy redoubt, Wikileaks leader Julian Assange accuses Google and Facebook of being fronts for US intelligence agencies. If confetti made of police documents can be reconstituted, what of electronic backup media? SANS says they're often disposed of by simple dumping, and has lurid photos to prove it.
Contractors warn US budget austerity will have serious implications for national security, but TASC disagrees, and their CEO calls for industry to take the lead in cutting budgets. BAE Detica consolidates Australian acquisitions and expands into Malaysia. France Telecom makes a major investment in mobile security firm Lookout.
The UK organizes a "Dad's Army" of cyber reserves. The Los Angeles Times discusses regulatory obstacles to threat information sharing.
Notes.
Today's issue includes events affecting Australia, Austria, Canada, China, France, India, Ireland, Italy, Malaysia, Mexico, New Zealand, Pakistan, Romania, Slovakia, Spain, Syria, Thailand, Taiwan, United Arab Emirates, United Kingdom, United Nations, and United States.
Cyber Attacks, Threats, and Vulnerabilities
Syria Industrial Bank Still Defaced Days After Attack (Cyber Warzone) Early last week Anonymous and other hacktivists had started Operation Syria again in light of the Syrian government blocking Internet access to the outside world. Three days ago a hacker using the Twitter handle @AnonHeart404, who is a part of sector 404, defaced the Syrian Industrial Bank's website (http://industrialbank.gov.sy/), and it's still defaced over 72hrs later
Parastoo hacks IAEA again to get attention & provides vulnerability link (Cyber Warzone) Parastoo, meaning bird in Iran, has released another PasteBin message that contains a vulnerable URL. The hackers have also made a list of the domains that they have in their control. Take a look at the pastebin message here
Anonymous Pakistan Defaces 319 Websites (Softpedia) A hacker called xPerf3cti0n - apparently part of Anonymous Pakistan - has defaced a total of 319 websites from various parts of the world, including Spain, China, Thailand, Taiwan, Mexico, India and Italy. The attacker claims there are "various reasons" why the sites were hacked
Dockster Mac Malware Targets Dalai Lama Website Through Flashback Vulnerability (Threatpost) Mac malware targeting Tibetan supporters is being served on a website connected to the Dalai Lama. The Dockster Trojan, discovered by researchers at F-Secure, exploits the same Java vulnerability as the virulent Flashback Trojan that hit more than 600,000 OS X users earlier this year. F-Secure researcher Sean Sullivan said current versions of OS X are not vulnerable; users who have disabled the Java browser plug-in are also not vulnerable
New 'Dockster' malware targets Apple computers (Computer World) A new piece of malicious software targeted at Apple users has been found on a website dedicated to the Dalai Lama, but one security vendor is labeling it as low risk. The malware, nicknamed "Dockster," is a backdoor that allows an attacker to control the victim's computer, record keystrokes and export files, according to Intego, which sells security software for Macs. Dockster tries to infect computers by exploiting a vulnerability in Java, CVE-2012-0507
Zero-Day Vulnerabilities Found In MySQL, Version Of SSH (CRN) Newly discovered vulnerabilities in MySQL database software threaten software crashes, loss of service, privilege escalation and authentication bypass, but it appears at least some of the flaws are dependent upon server and/or firewall configuration
Researcher releases a slew of MySQL and SSH exploits (Help Net Security) Security professional Nikolaos Rangos, who is better known by his online handle Kingcope, has flooded the Full Disclosure mailing list over the weekend with information and exploits for a number
Experts Downplay MySQL Database Zero-Days (Threatpost) A rash of zero-day exploits and vulnerabilities in the MySQL database were disclosed to the Full Disclosure mailing list over the weekend, but experts are saying they're much ado about nothing
Bug Hunter Finds 'Blended Threat' Targeting Yahoo Web Site (Threatpost) A Romanian bug hunter has discovered a "blended threat" targeting Yahoo's Developer Network Web site that allows unauthorized access to Yahoo users' emails and private profile data. At a security conference Sunday, Sergiu Dragos Bogdan demonstrated an abbreviated version of an attack using the YQL console on developer
Attackers can abuse Yahoo developer feature to steal user emails, other data (Computer World) Attackers can read emails, contacts and other private data from the accounts of Yahoo users who visit a malicious page by abusing a feature present on Yahoo's Developer Network website, according to an independent security researcher. A limited version of the attack was presented on Sunday at the DefCamp security conference in Bucharest, Romania, by a Romanian Web application bug hunter named Sergiu Dragos Bogdan. In his presentation, the researcher showed how the Web-based YQL (Yahoo Query Language) console, available on the developer
Some Highway Traffic Systems Open to Man-in-the-Middle Attack (Threatpost) Highway traffic systems deployed across the United States could be open to exploit via what a group of researchers has deemed an "insufficient entropy vulnerability" in the systems' software
Reveton impersonates FBI, claims to record users' illegal activities (Help Net Security) The deadly combination of the Citadel malware and the Reveton ransomware is still widely used to steal information and money from uninformed users, the Internet Crime Complaint Center (IC3) warns
Handy malicious domain registering service available to cybercriminals (Help Net Security) Despite its illegal nature, the industry revolving around cybercrime follows the same rules characteristic for any human economic enterprise: those who discover a need, create a product or service that
'Anonymous' hackers attack Oz party website vowing to 'eradicate it' (Newstrack India) Hackers have attacked the website of a socially conservative political party in South Australia with a message vowing to 'eradicate (sic)' it. Information on Family First party site containing its policies has been replaced with a warning message under the headline 'HACKED BY ANONYMOUS', which was accompanied by an audio clip of a hip hop song by Australian band Dyad Souls. "Your moronic backwards preaching will no longer be tolerated (sic)," the message reads in red. "You claim to support family values - but all you support is bigotry. You encourage your children to grow up as ignorant as yourselves"
Breach at Macquarie Uni, hackers claim 1 million plain text passwords exposed (ZDNet) Macquarie University has had one of its sites breached and defaced over the weekend in an apparent show to demonstrate that its servers' security are not being maintained to a sufficient standard. On Friday, one of Macquarie University's web applications, designed to assist international students in applying to study, was breached and defaced by two hackers going by the names of "JuliaDaRanga1000" and "AbbotttheFaggot2000." The defacement makes a number of disparaging remarks about the university's security, mocking what they call a complete lack of security. "Macquarie University, let me ask you this, who the f*** do you hire for security? Oh, wait, there is none," the two hackers wrote on the site. "When your administration panel is accessible publicly, what do you think will happen
Tumblr worm hitting websites, posting identical message from GNAA (Naked Security) Tumblr is hit by a massive hack attack, as many webpages are defaced with a message from the GNAA
Infectious Worm Spreading on Tumblr (Mashable) "There is a viral post circulating on Tumblr which begins 'Dearest 'Tumblr' users.' If you have viewed this post, please log out of all browsers that may be using Tumblr immediately.
How the Tumblr worm spread so quickly (Naked Security) SophosLabs explains how today's Tumblr worm was able to spread so quickly
SMS and the 11 Popular Methods of Cyber Hacking Smartphones (International Business Times) A report by Malaysian daily The Star on Sunday said that the country logged 24 cases of electronic hacking involving RM3.3 million in losses. The hacking of smartphones took place between January and September 2012
Three out of every four malware infections are caused by Trojans (Help Net Security) Panda Labs analyzed the IT security events and incidents from July through September 2012. The third quarter of the year has seen an increase in the number of hacking attacks on major companies aimed
Facebook and Google+ are prime targets for easy attacks (Help Net Security) The law created to protect children's online privacy actually increases risk, according to new research from Polytechnic Institute of New York University (NYU-Poly)
Employees use file sharing services despite bans (Help Net Security) Large numbers of employees use Dropbox and other consumer file sharing services for sensitive work-related data, even if they know that their employer has a specific policy banning the use of such service
Apple's device popularity in the enterprise brings increasing malware threats (Fierce Mobile IT) The popularity of the iPad and iPhone has led to a proliferation of Apple (NASDAQ: AAPL) devices in the enterprise, fueling the BYOD trend. In fact, Apple devices have become so widespread in some organizations that IT shops are considering deploying an Apple operating system for all of their computers
UK.gov: 'Foreign cyber reconnaissance' underway in UK (The Register) Foreign states may already have used malware to map the networks that support the UK's critical infrastructure systems, the government admitted. The admission by government officials came in the run-up to a parliamentary statement by Cabinet Office minister, Francis Maude, marking the first anniversary of the UK's government's National Cyber Security Strategy. Maude highlighted future work on a new UK National Computer Emergency Response team, further work on education and skills, Cyber Reservists for the MoD and a partnership with the private sector to boost the cyber security sector in the UK
Assange: Google, Facebook run 'side projects' for US spooks (The Register) WikiMartyr-in-waiting Julian Assange has emitted another screed in which he shares his belief that democracy is being dangerously undermined by government monitoring of the internet, and that Facebook and Google are helping those efforts. Chatting with RT, Assange has outlined his belief that nations now conduct surveillance on a massive scale, because it is cheaper to intercept every individual rather than it is to pick particular people to spy upon. French company AMESYS' 'EAGLE' product is nations' weapon of choice, Assange said, going on to add a quote from Bill Binney, whom he describes as a National Security Agency whistleblower, to the effect that nations now possess turnkey totalitarianism
Where do your backup tapes go to die? (Internet Storm Center) The trade press is filled with stories about companies getting into big regulatory trouble over lost backup tapes [1][2]. The tricky part is that usually, one reason companies use backup tapes is the ability to archive backup tapes offsite for extended periods of time. Terabytes by Terabytes, rotating cheap SATA disks usually is cheaper and faster, but hard drives don't have the offline persistence of backup tapes. But with offsite storage comes loss of physical control. You hire a reputable, but not too expensive, records company to pickup the tapes, and store them at what you hope to be a secure facility. So I was a bit surprised to find a drum full of backup tapes dumped into an alley close to my house. The drum was filled with LTO data tapes commonly used in backups. The tapes looked in good shape, but a bit wet due to being exposed to rain. I don't have a sacrificial reader to try them out (given that they are wet, I don't want to put them in a "good" reader that is still in use). There are no markings showing the owner of the tapes either on the drum or the tapes themselves, but a couple have pencil markings (like a letter and a number) indicating that they may be used
Security Patches, Mitigations, and Software Updates
Two High-Risk Flaws Fixed in Google Chrome 23 (Threatpost) Google has fixed two bugs in its Chrome browser, including a high-severity vulnerability in its media handler that a researcher named Pinkie Pie discovered. The bug, which is different from another use-after-free vulnerability the researcher used in the Pwnium contest at Hack in the Box in October, was serious enough to earn him a bug bounty of more than $7,000
MariaDB fixes zero day vulnerability in MySQL (The H) A recently published security vulnerability in the MySQL open source database has been met with fixes by the developers of the open source MariaDB fork. The updates take care of the CVE 2012-5579 buffer overflow problem, which an
Cyber Trends
Would you dump your network provider after a security breach? (Help Net Security) Compromised security - rather than high monthly fees - would be the biggest catalyst for triggering UK smartphone users to change mobile network providers. The independent blind survey of 1,076 UK
2013: Year of the hybrid cloud (IDG News Service) The time for dabbling in cloud computing is over, say industry analysts…says Jim Reavis, executive director of the Cloud Security Alliance
MDM is 'bare minimum' for enterprises dealing with BYOD, says analyst (Fierce Mobile IT) For the average enterprise, a mobile device management solution is the "bare minimum" needed to handle the challenges posed by BYOD, said Chris Hazelton, research director for mobile and wireless at 451 Research
Despite IT managers' worries, smartphone users do not consider security when choosing carriers (Fierce Mobile IT) Smartphone security is a major concern of IT managers as they struggle to deal with the BYOD trend. Yet, security does not appear to be a big concern of smartphone users. Only 5 percent of users would switch carriers because of inadequate security protections, yet 63 percent would switch because of high fees, according to a survey of 1,000 smartphone users in the U.S., U.K. and Germany conducted by Opinion Matters on behalf of security firm Crossbeam
BYOD spurs renewed interest in VPN technology, says Citrix (Fierce Mobile IT) The BYOD trend is renewing enterprise interest in virtual private network, or VPN, technology because of security concerns, according to virtualization firm Citrix. Enterprises need to ensure that mobile devices and applications are accessing the company's internal network, but in a secure manner, according to Natalie Lambert, director of product marketing at Citrix
Marketplace
Contractors Say Sequester Will 'Shatter' Security Plans (Washington Times) Key defense contractors said Monday that automatic federal spending cuts set to begin next month would hamstring their ability to develop critical machinery, equip military personnel and help maintain national security
TASC CEO Pushes Back at Industry Sequestration Stance: Full Speech Text (Defense News) Earlier today we posted a story about an unusual industry press conference at the National Press Club, where TASC CEO David Langstaff put several Aerospace Industries Association officers on the spot by stating that further defense cuts are possible, and even laying out a $50-150 billion figure for possible cuts. Langstaff went further, saying that industry should be leading the way and making budget sacrifices as part of fiscal cliff discussions
Air Force CIO lays out plan for cyber advance (Federal Computer Week) New requirements, new missions, new training and a new era of frugality all are playing central roles as the Air Force works with the U.S. Cyber Command as well as the other services to defend cyberspace, Lt. Gen. Michael Basla told reporters at the
George: Non-IRS data can help combat tax-related identity theft (Fierce Government IT) Tax-related identity theft is a growing problem at the Internal Revenue Service. At the end of September the IRS had nearly 650,000 identity theft cases in its inventory, many with an average cycle time of over 6 months, according to Nina Olson, taxpayer advocate at IRS
GSA shuts down apps.gov (Fierce Government IT) The General Services Administration has closed an online storefront for software-as-a-service closely associated with former Federal Chief Information Officer Vivek Kundra. The online store, apps.gov, was shut down "in an effort to provide streamlined customer service," GSA said in a statement, using language not dissimilar from its September 2009 announcement of the storefront's creation…The site came under criticism for offering free applications side-by-side with multi-million dollar applications, the latter being complex purchases unlikely to be made by agencies through a storefront
FierceGovernmentIT FOIAs OMB TechStat meeting info for 2011 and 2012 (Fierce Government IT) The Office of Management and Budget has considerably slowed down the pace of its TechStat reviews of agency information technology programs. OMB held only five TechStat meetings in 2011, and as of September, six in 2012, documents obtained by FierceGovernmentIT through a Freedom of Information Act request show
The end of TechStat (Fierce Government IT) The diminished frequency of Office of Management and Budget TechStat meetings is a likely indicator of an OMB oversight effort plodding toward an end
BAE Systems Detica consolidating, expanding Asia Pacific business (iTWire) Announced today by BAE Detica new Managing Director Asia Pacific and Middle ... with Detica's cyber security, financial crime and intelligence business
BAE Systems Detica To Hire 100 Cyber Specialists In Malaysia (Bernama) Global cyber security company, BAE Systems Detica, plans to hire up to 100 new cyber specialists in Malaysia next year in
Stratsec drops name, becomes BAE Detica: Four security consultancies merged (SC Magazine) Security consultancy Stratsec has officially lost its name as it merges with fellow acquisition of new parent company BAE Systems, British-based Detica, to become BAE Systems Detica
Symantec launches Margin Builder program for A/NZ partners (CSO) To further capitalise on the SMB market in A/NZ, Symantec has launched an enhanced incentive program for partners. The program, known as Margin Builder, enables Symantec Partner Program members to earn additional upfront margins on qualifying SMB deals. The new program will replace the vendor's SMB Opportunity Registration Program
Booz Allen Closes $154M Buy of ARINC Defense Engineering Business (Govconwire) Booz Allen Hamilton (NYSE:BAH) has completed its $154 million cash acquisition of ARINC's defense systems engineering and support business, adding nearly 1,000 employees to the Booz Allen roster. Booz Allen said it closed the transaction Friday and expects the transaction to increase its earnings for fiscal 2014, which starts April 1, 2013
CACI Completes Emergint Buy (Govconwire) CACI International (NYSE: CACI) has completed its acquisition of healthcare information technology firm Emergint Technologies for an undisclosed amount. CACI said it aims for the acquisition to help grow its presence in the healthcare IT market. President and CEO Dan Allen said Emergint brings established relationships with federal health organizations to CACI as public health
GeoEye Shareholders OK DigitalGlobe Merger (Govconwire) Shareholders at GeoEye (NASDAQ: GEOY) voted at a special meeting Monday to approve the company's $900 million merger with DigitalGlobe (NYSE: DGI)
France Telecom Invests Up To $20M In Lookout, Preloads Its Mobile Security Solutions On To Android Handsets (TechCrunch) Lookout, the mobile security company with ambitions to become the Symantec of the wireless world, is picking up a new backer, and a major distribution partner in its bid to become a household name. France Telecom, owner of the mobile carrier Orange, is making a strategic investment in the startup, and it has also signed a deal in which Lookout will be preloaded on devices that it sells
SAP Clings To A Dated Cloud Apps Strategy (InformationWeek) As cloud vendors Salesforce.com, NetSuite and Workday look toward larger companies, SAP courts small and midsize firms
News Corp. kills The Daily, its iPad newspaper (CNN) Launched two years ago at a splashy event, The Daily is ending its run this month. NEW YORK (CNNMoney) -- In the digital age, the shuttering of newspapers has become routine.
CSC to Sell Credit Unit to Equifax for $1 Billion (Businessweek) CSC agreed to sell its credit services business to Equifax Inc. (EFX) for $1 billion ... cyber and big-data offerings into businesses with as much as $1.5
Barracuda Networks hires new CEO (SC Magazine) William "BJ" Jenkins (left) has joined Campbell, Calif.-based Barracuda Networks as president, CEO and member of its board. Jenkins was formerly the president of EMC's backup recovery systems (BRS) division, and will now lead strategy and growth as the security and data protection solutions firm moves toward its IPO
Products, Services, and Solutions
Orange to install Lookout security software on Android devices (CSO) The rollout will start in France, Slovakia, Spain, and the UK. Mobile network operator Orange will install Lookout's Mobile Security application on some of the Android-based tablets and smartphones it distributes starting in 2013, aiming to protect millions of subscribers in the first year alone
Symantec Endpoint Protection 12 Adds vShield Integration & Increases Security Effectiveness (Dark Reading) New features expand protection of virtual environments
Windows 8 takes 1 percent of Web usage as Internet Explorer gains (Ars Technica) But most Windows 8 users aren't using Internet Explorer
Ice Cream Sandwich and Jelly Bean slowly eat away at Gingerbread (Ars Technica) Android 4.0, 4.1, and 4.2 account for around a third of all Android devices
Facebook's latest data grab causes user uproar (Computer World) Facebook (NASDAQ:FB) users are revolting. Voting has opened on the new privacy and governance rules; it looks like an overwhelming number are against the change. However, it sounds like it may just be a waste of time and effort
Privacy Worries Hound Facebook Yet Again (TrendMicro) Last week, many people made posts like this on Facebook…While this was quickly debunked as being entirely untrue, the fact that millions of people made the very same post speaks volumes about how worried people are about their privacy on Facebook. It's probably not helping that Facebook just finished soliciting comments on their new Data Use Policy and their Statement of Rights and Responsibilities. Privacy groups in the US - specifically, the Electronic Privacy Information Center (EPIC) and the Center for Digital Democracy (CDD) - have objected to the changes
The Daily may be dead, but its app will live on as a publishing tool for brands (Quartz) When Brian Alvey first heard about The Daily, which was shuttered today after less than two years, it was still just a gleam in Rupert Murdoch's eye. Alvey was in a coffee shop in Rockefeller Center in New York, right behind News Corp.'s headquarters, being grilled by three guys, including John McKinley, the future CTO of News Corp., and Jesse Angelo, the future editor-in-chief of The Daily. They had one question for him: Could he do it? Could he build a fast, lightweight online newsroom that could push 120 pages a day of magazine-style content to users who might be on a slow internet connection
Vineyard Networks' Network Application Visibility Library (NAVL) Provides Layer-7 Deep Packet Inspection and Application Classification for Xirrus Application Control (MarketWatch) Xirrus Integrates Vineyard's NAVL DPI Engine Into Xirrus Wireless Arrays to Help Ensure Performance of Critical Applications in High-Density Environments
Unlocked iPhone 5: Worth The Cost? (InformationWeek) Apple is now selling an unlocked version of the iPhone 5 starting at $649. Make sure you know the pros and cons involved in buying an off-contract device
5 Ways Microsoft Can Save Windows 8 (InformationWeek) Microsoft's new OS holds plenty of potential, but so far consumers aren't loving the radically redesigned desktop. Microsoft should consider these changes
Technologies, Techniques, and Standards
A new brand of cyber security: hacking the hackers (Los Angeles Times) As head of the FBI's cyber crimes division, Shawn Henry often had to deal with exasperated company executives after his agents informed them that their networks had been hacked and their secrets pilfered. "By whom?" the company officials would ask. "What have they taken? Where did it go?" "Sorry," Henry's agents had to reply, "that's classified." Even though the FBI in many cases had evidence the attacker had been backed by a foreign intelligence agency, agents couldn't disclose it because the U.S. government believed doing so could compromise top-secret sources and methods
Catching Attacks From The Inside Means Crunching More Data (Dark Reading) Whether by mandate or mission, companies have increasingly focused on creating better systems for managing the identities and access rights of their employees. Such systems can be a goldmine of information on security events that may indicate that an attack is underway. Yet, it's not easy
NSTIC implementation group solidifies roles and responsibilities (Fierce Government IT) The Identity Ecosystem Steering Group recently took steps to clarify its operations and governance structure. The group adopted Nov. 11 the Rules of Association with approval from 97 percent of the IDESG voting members
Storage Virtualization Gets Real (InformationWeek) Four business scenarios illustrate how small and midsize companies can reduce costs, improve disaster recovery and more via storage virtualization
The Top 5 Cyber Security Threats That Could Affect Your Life (DeVry) Our electronic devices are such a big part of our lives today that it's hard to imagine what we once did without them. But our constant use of technology to keep in touch, pay bills, stay on top of the news, shop and research things has a downside: Our data can be exposed to criminals who commit crimes such as identity theft and credit card fraud - unless we take the proper precautions. Our growing reliance on electronic devices is part of the reason why careers in cyber security are growing at a faster pace. Jobs in information security, web development and computer network architecture - three fields at the forefront of cyber security - are expected to grow 22% between 2010 and 2020. Understanding the threats can help everyone do their part to make those jobs easier. Here are five top cyber security threats and tips on how to protect yourself against them, according to experts
Design and Innovation
Bye-bye, mouse. Hello, mind control (IT World) New interface methods will revolutionize how we interact with computers. When workplace computers moved beyond command-line interfaces to the mouse-and-windows-based graphical user interface, that was a major advance in usability. And the command line itself was a big improvement over the punch cards and tape that came before. We're now entering a new era of user interface design, with companies experimenting with everything from touch and voice to gestures and even direct mind control. But which of these new interfaces is appropriate for a corporate environment, and which are simply not ready for prime time
It Just Got a Lot Harder to Get Into Y Combinator (Wired Business) Acknowledging that it "grew too fast" Y Combinator chief Paul Graham says the high-profile startup factory is cutting the number of startups it accepts into its classes from a current 84 to "less than 50" for the Winter 2013 class
She's Got Some Big Ideas (New York Times) Maria Popova is the editor of Brain Pickings, an online grab bag of eclectic information. SHE is the mastermind of one of the faster growing literary empires on the Internet, yet she is virtually unknown. She is the champion of old-fashioned ideas, yet she is only 28 years old. She is a fierce defender of books, yet she insists she will never write one herself
Research and Development
DARPA Seeks Revolution, Not Evolution, in Cyberspace Capabilities (Threatpost) Defense Advanced Research Projects Agency (DARPA), the avant-garde research and development arm of the Department of Defense - perhaps best known for its central role in the development of the Internet - is soliciting research proposals that would help the military improve its cyber battlespace capabilities such that they match the DoD's existing superiority in the other domains of war. The 52-page announcement for the funding opportunity, enigmatically titled Plan X, is predictably vague. It is billed as a call for research proposal submissions designed to advance the nature of cyberwarfare by further measuring, quantifying, and understanding cyberspace as well as planning and managing large-scale, real-time operations on the dynamic network environments there
Academia
Academy Touts Future Cyber Center, New Major (Navy Times) The Naval Academy unveiled a design for its future cyber center on Monday and said the school was on track to offer a cyber operations major starting for this year's freshman class, the latest signal that cyber warfare will be critical for future conflicts
Cryptography Competition goes nationwide in honour of Alan Turing (University of Manchester) With almost 2,000 children entering the first Alan Turing Cryptography Competition earlier this year, the organisers have decided to open the challenge to children across the country. Dr Charles Walkden from the University's School of Mathematics says
More on Attribution and Retribution: Si Chuan University and Tencent (Volokh Conspiracy) A few posts back, I told the story of how Trend Micro identified "Luckycat," a Chinese hacker who had attacked the Dalai Lama, aerospace firms, and other targets. Based on what we know so far, it looks likely that the hacker is Gu Kaiyuan, formerly a student at Si Chuan University's Information Security Institute and currently employed by Tencent, the huge Chinese instant message firm…The usual assumption in these cases is that nothing more can be done. The Chinese government isn't likely to help, and Gu isn't likely to come to the US any time soon. But it's a globalizing world. And the US has more leverage than it's using…The answers to these questions are surely relevant to how welcome Si Chuan researchers should be in the United States. After all, if the University is a front for organized attacks on US institutions, or a handmaiden of Chinese repression, or if it just refuses to cooperate in an inquiry, why should the United States grant visas to its students or professors? Indeed, you kind of wonder why American schools, where academic boycotts to show moral disapproval of apartheid South Africa and even of Israel have been widely mooted, aren't reconsidering their ties to Si Chuan over its possible complicity in attacks on the Dalai Lama
Legislation, Policy, and Regulation
Wary of cyber security laws, UK eyes private approach (Cyber Warzone) Britain will try to get companies to beef up cyber security by encouraging investors and shareholders to hold them to account on the issue, but will reject U.S.-style mandatory reporting of online attacks, government officials say. Britain has made tackling the theft of intellectual property on the Internet and the protection of critical infrastructure from hostile cyber assault top national security issues, setting aside 650 million pounds ($1 billion) over four years to address the problems
National Security Agency Should Lead on US Cybersecurity (U.S. News & World Report) Daniel Gallington is the senior policy and program adviser at the George C. Marshall Institute in Arlington, VA. He served in senior national security policy positions in the Office of the Secretary of Defense, the Department of Justice
Dad's Army of cyber security experts to be created (Telegraph) A "Dad's Army" of cyber security experts is to be formed to tackle the growing threat to Britain's companies and help the military in times of crisis. The cyber reservists will be established alongside a new computer emergency response team following the UK's success in tackling online threats during the Olympics, Francis Maude, the Cabinet Office minister, said. Nine out of 10 large firms were victims of a cyber attack last year, with each security breach costing up to 250,000 pounds, figures showed
Cops to Congress: We need logs of Americans' text messages (CNET) State and local law enforcement groups want wireless providers to store detailed information about your SMS messages for at least two years -- in case they're needed for future criminal investigations. AT&T, Verizon Wireless, Sprint, and other wireless providers would be required to record and store information about Americans' private text messages for at least two years, according to a proposal that police have submitted to the U.S. Congress
WCIT-12 meets for first day in Dubai (Fierce Government IT) A U.S.-Canadian proposal to restrict the International Telecommunications Regulation treaty-revision conference that met for its first day Dec. 3 in Dubai gained sufficient support so that "an informal meeting" on one of its main points will convene Dec. 4, a source close to the U.S. delegation said
Paranoia Update: U.N. to Take Over the Internet (IEEE Spectrum) Podcast: Beneath the overhyped fears, there are real issues—backbone policies, cybersecurity, the free flow of information—at a major telecom conference
Calm Down: Nobody Is Taking Over the Internet (Gizmodo) For the next two weeks, the ITU--a United Nations agency that was formed to regulate telegraph lines in the 19th century--will try to make new rules for the Internet
Litigation, Investigation, and Law Enforcement
Civil litigation: A better way to improve cybersecurity? (CSO) Former Homeland Security official says settlement in Patco online banking suit is evidence that liability is better than legislation
Europe v Facebook Privacy Campaign Group Is Preparing To 'Fight' Facebook In Ireland, Sets Up Crowdfunding Platform To Fund Legal Fight Against Irish DPA (TechCrunch) The European activists behind the Europe v Facebook campaign group have stepped up their long running battle against the social network. The group has indicated it is preparing to "fight" Facebook in Ireland — the location of Facebook's international headquarters — by challenging the Irish Data Protection Authority's (DPA) finding on its privacy complaints against Facebook in court there
Fugitive John McAfee's location revealed by photo meta-data screw-up (Naked Security) Has EXIF data tripped up the founder of one of the world's most well known security firms, as he runs from the police in Belize?
South Carolina state wonders how to pay the bills after security breach (Cyber Warzone) In a report provided by Mandiant you can read that the South Carolina taxpayers were attacked by hackers. The data breach that hit South Carolina could have been prevented, some say, but what the report says is that the data wasn't even encrypted. We are talking about Social Security numbers and other credentials
For a complete running list of events, please visit the Event Tracker.
Upcoming Events
Cybergamut Tech Tuesday: Sandboxing goes mainstream (Columbia, Maryland, Dec 4, 2012) An overview of sandboxing as a key security technology.
CIO Cloud Summit 2012 The CIO Cloud Summit will help C-level executives better understand the true capabilities of cloud computing and the transformational opportunities it can bring.
BayThreat (Sunnyvale, California, Dec 7 - 8, 2012) The theme for BayThreat is a new spin on the dichotomy of attacking and defending in information security. We're calling out all of the attackers and defenders that are on the front lines of the battle.
2012 European Community SCADA and Process Control Summit (Barcelona, Spain, Dec 10 - 11, 2012) The European SCADA Summit brings together the program managers, control systems engineers, IT security professionals and critical infrastructure protection specialists from asset owning and operating organizations along with control systems and security vendors who have innovative solutions for improving security. Along with government and research leaders, they are coming together to learn and discuss the principal cyber security risks to control systems and the most effective defenses.
SANS SEC 504 - Hacker Techniques, Exploits & Incident Handling (Linthicum Heights, Maryland, USA, Dec 10 - 14, 2012) Rescheduled after Hurricane Sandy, this SANS Institute program provides information on how to recognize and respond to hacking.
tmforum Big Data Analytics Summit (Amsterdam, Netherlands, Jan 29 - 30, 2012) Bringing together leading service providers, market analysts and all of the big names in Big Data, this forward-looking, education-packed two-day Summit combines keynote perspectives, case studies, debates, panels, interactive sessions and networking opportunities that maximize every participant's opportunity to network and generate ideas that can be implemented immediately.
#BSidesBOS (Cambridge, Massachusetts, USA, Feb 23, 2013) Each BSides is a community-driven framework for building events for and by information security community members. The goal is to expand the spectrum of conversation beyond the traditional confines of space and time. It creates opportunities for individuals to both present and participate in an intimate atmosphere that encourages collaboration. It is an intense event with discussions, demos, and interaction from participants. It is where conversations for the next-big-thing are happening.
TechMentor Orlando 2013 (Orlando, Florida, USA, Mar 4 - 8, 2013) Celebrating 15 years of educational events for the IT community, TechMentor is returning to Orlando, Florida, March 4-8, for 5 days of information-packed sessions and workshops. Surrounded by your fellow IT professionals, you will receive immediately usable education that will keep you relevant in the workforce. TechMentor track topics include: Windows PowerShell and Automation; Cisco and Networking Infrastructure; Windows Server Management; Windows Client Management; Cloud and Virtualization; Identity, Access Management and Security; Performance Tuning and Troubleshooting; Mobility and BYOD; Messaging and Collaboration.
e-Crime Congress 2013 (London, England, Mar 12 - 13, 2013) The e-Crime Congress is designed to meet the needs of key stakeholders and decision makers who are responsible for designing and coordinating information security and risk management strategy, safeguarding digital assets and sensitive information, protecting customers, defending against internal or external threats and responding to incidents.
The Future of Cyber Security 2013 (London, England, UK, Mar 21, 2013) Cyber Security and the Citizen 2013 is a one-day conference and exhibition for senior decision-makers of central and local government organisations, NGOs and major private sector enterprises.
Cloud Connect Silicon Valley (Santa Clara, California, USA, Apr 2 - 5, 2013) Cloud Connect returns to Silicon Valley, April 2-5, 2013, for four days of lectures, panels, tutorials and roundtable discussions on a comprehensive selection of cloud topics taught by leading industry experts.
InfoSec World Conference & Expo 2013 (Orlando, Florida, USA, Apr 15 - 17, 2013) With the primary objective of providing top-notch education to all levels of information security and IT auditing professionals, InfoSec World delivers practical sessions that give you the tools to strengthen your security without restricting your business.
25th Annual FIRST Conference (Bangkok, Thailand, Jun 16 - 21, 2013) The annual FIRST conference provides a setting for conference participants to attend a wide range of presentations delivered by leading experts in both the CSIRT field and from the global security community.