The CyberWire Daily Briefing for 5.27.2013
Chinese hackers are reported to have stolen plans for the Australian Security Intelligence Organisation (ASIO) headquarters in Canberra.
The Assad regime's Syrian Electronic Army resumes its campaign against news services with attacks on Britain's Sky News and ITV. Israeli security experts say the SEA also attempted to disrupt control system in Haifa's water supply, but that the attempt was thwarted. Reporters Without Borders wants to know why Blue Coat deep packet inspection technology was supplied to Assad.
The US Administration (and Congress) up the ante with Iran by describing in greater detail apparent continuing Iranian attempts against US firms and infrastructure, notably against the energy sector. Observers speculate that such operations are retaliation for the Stuxnet campaign against uranium enrichment facilities.
Several nuisance attacks are reported, many from Islamist hacktivists with some curious target sets—most oddly, Turkish hackers continue to focus on Akron, Ohio. Other attacks hit automobile manufacturers (Peugeot in Canada, Isuzu in France), banks in Ghana, Monsanto UK, petition site Change.org, and the HITRUST health information security organization. South African police say they "hacked back" at those responsible for recent cyber attacks.
Two-factor authentication remains a valuable security tool, but no thinking person believes it a panacea (a new Android Trojan successfully bypasses it). Other useful tools—next generation firewalls—should also be used with circumspection: their downside lies in management complexity.
Palantir gets some love from Australian investment analysts, and Booz Allen retrenches to focus on cyber.
A researcher demonstrates a "structural" approach to malware scanning.
Today's issue includes events affecting Argentina, Australia, Canada, China, France, Gabon, Germany, Ghana, India, Iran, Israel, Mexico, Netherlands, New Zealand, Pakistan, Paraguay, South Africa, Syria, Turkey, United Kingdom, and United States..
Cyber Attacks, Threats, and Vulnerabilities
ASIO blueprints stolen in major cyber attack (ABC Online) Computer hackers in China are understood to be behind a cyber attack in which highly classified blueprints of Canberra's new ASIO headquarters were stolen. The ABC's Four Corners program can reveal the stolen blueprints detail the communications layout
ITV News London Twitter account Hacked by Syrian Electronic Army (Hack Read) The Pro Syrian President Bashar al-Assad hackers from Syrian Electronic Army has hacked the official Twitter account of British broadcaster ITV News, just days after Twitter claimed to have boasted up the security to avoid such attacks
Sky News Android apps on Google Play Hacked by Syrian Electronic Army (Hack Read) After making its name in hacking websites, Facebook and Twitter handles of major media outlets, Syrian Electronic Army has moved one level up by hacking Sky News' Google Play account
Israeli Expert Says Syria Cyberattack Foiled (AP) An Israeli security expert says Syrian hackers tried to break into the computers of the water system of the city of Haifa. Speaking at a lecture on Saturday in the southern city of Beersheba, Yitzhak Ben Yisrael, Israel's former cyber security adviser, said that a group calling itself "The Syrian Electronic Army" had launched the failed attack two weeks ago
U.S. spy servers found in Syria spark queries (The Daily Star) Reporters Without Borders is calling for explanations from a Californian Web security company after a hacktivist group discovered 34 of its servers were being used by the Syrian government, potentially to spy on Internet users. The Blue Coat servers use Deep Packet Inspection technology "to analyze and control the activities of Syrian Internet users — censuring websites, intercepting emails, obtaining details of sites visited and so on," RWB said
New Computer Attacks Traced to Iran, Officials Say (New York Times) American officials and corporate security experts examining a new wave of potentially destructive computer attacks striking American corporations, especially energy firms, say they have tracked the attacks back to Iran
The White House: Cyber attacks against critical infrastructure are way up (Foreign Policy) Here's the White House's response to Killer Apps' request for comment on last night's Wall Street Journal article citing current and former administration officials saying that Iranian hackers have penetrated the networks of U.S. energy firms. Basically, National Security Staff spokeswoman Laura Lucas confirmed that our critical infrastructure, including the energy sector, is under cyber-attack, with DHS responding to 177 attacks in 2012, and that the administration is hustling to share as much information as possible about cyber-threats with critical-infrastructure providers. Notice the statement below doesn't confirm or deny the WSJ's claim that Iranian hackers specifically are responsible
Hackers appear to probe US energy infrastructure (CNN) The United States is investigating "a string of malicious" cyber incidents that appear to be focused on probing energy infrastructur
US electric grid under 'constant state of attack' from hackers (Computing) American utility providers are under constant assaults from hackers, a new Congressional report reveals, with one electricity firm reporting 10,000 attempted cyber attacks in one month. Congressmen Edward Markey and Henry Waxman surveyed over 100 utility firms across the US, with results published in the Electric Grid Vulnerability report suggesting they're under constant threat from computer hackers
Facebook phishers target Fan Pages owners (Help Net Security) Phishing emails claiming to come from "Facebook Security" are once again hitting users' inboxes, and this time they are aiming for the big fish: pages that are likely to have more followers than a random private user
#usaOPERATION1: Akron Canton Airport Hacked, 15,000 credentials leaked by Turkish Ajan Hacking Group (Hack Read) Online hackavists from Turkish Ajan hacking group have hacked and defaced the official website of Akron Canton Airport, as a result information of over 15,000 people along with airport's tenders and other financial details have been leaked online for #usaOPERATION1
Paraguay Embassy in Argentina, 200 Mexican, 177 Pakistani Websites Hacked by Islamic Ghost Team (Hack Read) A hacking group going with the handle of Islamic Ghost Team from Morocco has hacked and defaced hundreds of websites including the official website of Paraguay Embassy in Argentina (http://paraguay.int.ar), 200 Mexican and 177 Pakistani websites
#OpGabon: Anonymous Leaks Credentials of Companies for Supporting Gabon Government (Hack Read) Online hackavists group Anonymous have breached website of a Gabonese based logistic company Courtage Gabon Logistique (cgl-gabon.com) for supporting the alleged killings of Gabonese youth
Atlantic Bank, Fidelity Bank Ghana and few other sites hacked by Sepo (E Hacking News) A hacker with twitter handle @anon_4freedom a.k.a "sepo" who has been quite for some time, has come with some interesting hacks. Today he hacked into multiple Bank websites
Monsanto UK Hacked, Data leaked by @Ag3nt47 (Cyberwarnews) Hacker @Ag3nt47 has been at it again, this time setting sights on Monsanto United Kingdom. Just now the hacker has announced a leak from the sites data base in relation to the on going protests that have taken place this weekend all around the world and are said to of gained over 1 million people in many different country's standing up and speaking out against Monsanto's on going food modification programs which have affected many well known brands
Petitions Website Change.org Hacked and Edited by Terminal hacker (Hack Read) A hacker going with the handle of Terminal Hacker has hacked famous petition site Change.org, as a result the hacker successfully changed and at some point edited the petitions with custom backgrounds and also modified the petition for Kaitlyn Hunt to express concerns over security
The Health Information Trust Alliance (HITRUST) Hacked by @TeamBerserk (Cyberwarnews) The Health Information Trust Alliance (HITRUST) has become a victim to hackers who have managed to breach its server and leak data. The hackers who use the handle @TeamBerserk have announced the leak from the HITRUST main alliance server and website in the early hours of the 27th May, 2013. HITRUST is focused on information security of the health industry offering insights into risk management, security breaches and offers training for security experts in these fields
Symantec warns of Chehrakitab, other Facebook scams (Business Today) Internet security firm Symantec's response team has warned Facebook users of two new phishing scams that try to replicate the look of the popular social media network to "harvest user credentials"
Peugeot Canada Hacked, Accounts and Data leaked by @Ag3nt47 (Cyberwarnews) A hacker using the handle @Ag3nt47 who recently has made some headlines as successful breached Peugeot Canada
Isuzu France Hacked, Data Leaked by @pentester_1996 (Cyberwarnews) A hacker using the handle Human Mind Crack3r or @pentester_1996 has posted a leak of data from yet another automotive Giant
State hacks back (News24) The state's IT agency has brought in its own hackers to protect government websites from international cyber attacks after the website of the SA Police Service (SAPS) was cracked two weeks ago
New Android Trojan makes the Two-step authentication feature insecure (E Hacking News) Two-Step authentication feature become insecure system when your android device got infected with a new malware which is capable of intercepting your messages and forwarding them to cybercriminals. The Trojan, discovered by the Russian antivirus company Dr.Web, spreads as a security certificate that tricks users into thinking it must be installed onto their device
Video: The effectiveness of two-factor authentication (SC Magazine) After being hit by a password breach, it seems as though a common response for many organizations is to implement two-factor authentication. Apple, Yahoo, Twitter, and WordPress have all implement the extra step for security measures. As a deterrent to basic phishing and malware attacks, Alex Doll, CEO of OneID, believes that two-factor authentication is a great remedy. However, he says that there are still exploits out there where it's not as effective, such as malware that's written to intercept an SMS intended to deliver an end-user's code for authorization
UDP port 1434 directed attack to AS13489 IP ranges (Internet Storm Center) We have seen today a big rise of incoming packets of what appears to be a SQL Slammer attacks. Some of the detected packets are
Slow ADSL? It could be a cyber-attack (MyBroadband) A new type of distributed denial of service (DDoS) attack that took Spamhaus off the web for some hours (and "almost broke the Internet") has made its way to South Africa, causing major congestion on the ADSL connections of infected users
Attackers use Skype, other IM apps to spread Liftoh trojan (SC Magazine) Users receiving shortened URLs in Skype instant messages, or similar IM platforms, should be wary of a new trojan, called Liftoh
Downloader.Liftoh Cousin to W32.Phopifas? (Symantec) Downloader.Liftoh is a Trojan horse detected by Symantec that downloads malware onto the compromised computer without the user noticing. A new variant of this threat, discovered in early May, was identified in some Spanish-speaking countries in Latin America. This variant of Downloader.Liftoh sends messages in Spanish instead of English. The threat is similar to W32.Phopifas which we wrote about in our blog from October 2012
Cyber criminals resurrect credential-stealing Zeus/Zbot malware (V3) We can now include the data-stealing malware Zeus/ZBOT to this roster of old-but-new threats, which have increased these past months, based on Trend Micro Smart Protection Network feedback," wrote Trend Micro's Jay Yaneza. "Zbot variants surged in the
Apple, Google putting mobile Wi-Fi users at risk, says security expert (FierceCIO: TechWatch) Despite having been identified years ago, the Preferred Networks List Wi-Fi bug remains unaddressed on many smartphones, warns security expert Raul Siles. The problem is simple enough, and has to do with how Wi-Fi client devices maintain a list of wireless networks that they have previously connected to. In an improper implementation, the Wi-Fi client performs the network discovery process in a way that effectively broadcasts the content of this "preferred network list" in the open
Hard-coded ICS credentials getting easier to find (Threatpost) Hard-coded credentials are a longstanding security no-no, but they're also an ever-present reality because of developers and IT managers who require remote access to networks and systems for troubleshooting purposes. The level of risk in such cases depends on the system in question. But one thing is sure: researchers and hackers are looking for these built-in passwords and they're getting easier to find
Security Patches, Mitigations, and Software Updates
ShadowKit v1.6 has been released! (Red Rock Solutions) ShadowKit 1.6 has been released. This release adds a new dialogue window when exporting files that gives you the options to choose if you want a Manifest and/or file-list
Next-Generation Firewalls Enhance Security But Add To Management Issues, According To New AlgoSec Survey (Dark Reading) AlgoSec, the market leader in Security Policy Management, has issued the results of a new survey showing that while adoption of Next-Generation Firewalls (NGFWs) is growing, with 36% of organisations deploying them, NGFWs also add significantly to security management tasks. Also, poor visibility of security policies and lack of process automation have the biggest impacts on network security
Why China's Corporate Espionage Is NOT An Act Of War (Business Insider) It comes down to the difference between stealing information and directly causing widespread death and/or destruction. America lets the Chinese army get away with hacking into and stealing secrets from a slew of giant multinational corporations because hacking is just another form of espionage, and espionage is not an act of war
Forget the word 'cyberwar' says Marcus Ranum (The Register) If nobody can win, it's not a war. Security veteran and CSO at Tenable Marcus Ranum has made a plea* for the world to stop using the expression "cyberwar", for the very good reason that there's nearly no way in which it resembles war in the physical world
InfoSec Blacklist of Charlatans: Interview with Jericho from Errata (Privacy PC) As Attrition.org states, Jericho is a security curmudgeon, pimp, helicopter pilot, lighter thief, HTML nazi, cat herder, guinea pig relationship specialist and obsessive compulsive TV game show participant. Jericho has been poking about the hacker/security scene for over 19 years (for real), building valuable skills such as skepticism and anger management. As a hacker-turned-security whore, he has a great perspective to offer unsolicited opinion on just about any security topic. A long-time advocate of advancing the field, sometimes by any means necessary, he thinks the idea of 'forward thinking' is quaint; we're supposed to be thinking that way all the time. No degree, no certifications, just the willingness to say things many in this dismal industry are thinking but unwilling to say themselves. He remains a champion of security industry integrity and small misunderstood creatures
Kiwis concerned about govt data breaches - Unisys survey (Computer World) New Zealanders show a high level of concern about loss of their private data by government and the financial industry, according to the latest Unisys Security Index findings
Network security deteriorating, privacy a lost cause (The Register) One suggestion: 'Don't armor the sheep, hunt the wolves'. Internet and network security is bad, and it's going to get worse before it gets better. To make it better, CIOs and IT admins need to rethink the way that they approach protecting their networks from hackers and other miscreants
2013 will see an explosion in malware (IT ProPortal) According to the German security company AV-Test, malware has exploded to unprecedented levels in the past five years. More troublingly, they anticipate seeing over 60 million new pieces of malicious software by the end of the 2013
Education 'key' to SA cyber threat (News24) Cyber security for financial transactions rests mainly with educating consumers, a panel of industry experts convened to discuss the threat has said. "I think we're all responsible to educate because security is a known issue across Africa and around the world," Andrew Kirkland, country manager for Trustwave in South Africa, told News24
Fake Gaming Apps Become Threat Staples: Trend Micro (Times of India) The spam and malicious domain volumes also spiked days before Valentine's Day, again proving that cyber criminals still profit from these ruses," said a press release by Trend Micro. It added that news events dominated the social engineering lures in
Rise in Sophisticated, Targeted Cyber Attacks Heightens Demand for Intrusion Prevention Systems Globally, Finds Frost & Sullivan (Consultant-News.com) The rising frequency and complexity of attacks that are far more effective at breaching enterprise networks' security detection systems have lent momentum to the global intrusion prevention system (IPS) market. The development of next-generation IPS (NGIPS) products with advanced protection capabilities has further spurred adoption
Making Sense Of The Internet Of Things (TechCrunch) The emerging Internet of Things is experiencing a burst of activity and creativity that is getting entrepreneurs, VCs and the press equally excited. The space looks like a boisterous hodgepodge of smart hobbyists, new startups and large corporations that are eager to be a part of what could be a huge market, and all sorts of
Secret Yakima facility may be outdated, expert says (Yakima Herald-Republic) The National Security Agency won't say why it's closing its listening station at the Yakima Training Center, but an NSA expert believes the facility's mission is simply outdated. The satellite communications intercepted and interpreted at the facility
NSA Caught Unawares By Data Center Tax (NetworkComputing.com) The whole purpose of an organization like the National Security Agency (NSA) is to know things far enough ahead of time that its human nodes are never surprised. Certainly that's a big part of the reason the agency has been building a heavily fortified
Evolve IP Listed as Participating Contributor on the Cloud Security Alliance (CSA) Security, Trust (Sacramento Bee) Evolve IP, The Cloud Services Company™, today announced that it has been listed on the Cloud Security Alliance's (CSA) Security, Trust and Assurance Registry (STAR). As an official STAR member, Evolve IP
Iron Bow Wins $108M Coast Guard IT, Hardware IDIQ (GovConWire) Iron Bow Technologies has won a potential five-year, $108 million contract to supply the U.S. Coast Guard workstations and associated information technology equipment. The Coast Guard Standard Workstation contract is the agency's only procurement vehicle for designated hardware items, Iron Bow said Wednesday
Booz Allen Hamilton tightens staff, produces profit (Washington Post) Booz Allen Hamilton's cybersecurity facility in Annapolis. The company is shedding jobs, but says it is hiring staff in areas such as cybersecurity. McLean-based Booz Allen Hamilton preserved its profit in its most recent quarter through a much tighter handle on its employee costs, company officials said last week. The consulting giant cut its staff by about 500 people over the past year, and now has a head count just shy of 24,500
Palantir's Software is so Good its First Client Was the CIA (Money Morning) Technology has a huge impact on how we fight terrorism and crimes against humanity. The high-tech gear used to catch the Boston Bombers demonstrated this. You see bad guys have technology whiz-kids too. More than you'd like to know. So the real war is making sure the right side stays ahead of the technological curve
Products, Services, and Solutions
Fortinet Introduces Next-Generation Operating System Inbox (Dark Reading) FortiWeb 5 OS able to accurately identify the origin of Web application traffic to distinguish between legitimate and malicious sources
Tech Insight: Free Versus Commercial Vulnerability Scanning Tools (Dark Reading) Free, open source vulnerability scanning tools are not always cheaper than their commercial counterparts. When it comes time to implement a vulnerability scanning program within your enterprise, should you be considering free and open source tools or focusing only on commercial solutions? This question regularly comes up when security teams are faced with budgetary issues and are left wondering if they can afford the hefty price tag that goes along with most enterprise scanning products
Anatomy of a change - Google announces it will double its SSL key sizes (Naked Security) Google just announced that its secure web pages will be ditching 1024-bit RSA keys in favour of 2048 bits. We look at the lessons to be learned from whats, the whys and the wherefores of this change
Google 'to roll out internet to Africa and Asia' (Telegraph.co.uk) According to US reports, the Californian technology giant is looking at how it can fund, build and run networks across sub-Saharan Africa and South East Asia
Microsoft Faults IT Security Practices in 'Cloud Computing' Report (Redmondmag.com) Microsoft claims that its CSRT tool is based on the Cloud Security Alliance's Cloud Controls Matrix, and that organizations can use it to check their existing IT capabilities vs. cloud services capabilities. Microsoft analyzed 5,700 responses to 27
Technologies, Techniques, and Standards
Gone phishing: Using staff to tackle cyber attacks (IT ProPortal) People are by far the greatest asset in any organisation, but companies consistently fail to appropriately use their staff to combat cyber attacks. Adversaries, including cyber criminals, nation-states, and hacktivists, are actively targeting employees and by not encouraging users to report suspicious emails, organisations are missing a huge opportunity to gather vital information about threats. Developing a formal process for users to report suspicious emails provides real-time threat information, helping to improve both response and mitigation strategies
5 signs that your computer is infected (Fox News) Oh, the not-so-humble computer virus. For decades, it's been making computer users miserable. It's like the common cold. You'd think someone would have cured both by now. Unfortunately, it looks like computer viruses are just getting stronger and smarter
The Power Of Data Exhaust (TechCrunch) Scott Brown had a question about the number of parked domains he was hearing about: Do the domain providers have an email reply set up? What he found has led to the launch of Bounce.io, a five-month company that harvests 20 to 30 million bounced emails per day in what is amounting to an advertising treasure chest and a very rich, big data honey pot
Podcast: The Big Truth — Responding To Sophisticated Attacks (The Security Ledger) If you work at a rank and file corporation in the U.S. or Europe, stories like those about the breach at the defense contractor Qinetiq are terrifying. Here's a company that's on the bleeding edge of technology, making autonomous vehicles and other high-tech gadgetry for the U.S. Military. Despite that, it finds itself the hapless victim of a devastating cyber breach that lasts - by all accounts - for months, or years. In the end, the attackers (likely linked to China's People's Liberation Army) make off with the company's intellectual property (likely all of it) and, soon, defense contractors in Mainland China start turning out devices that look eerily similar to the ones Qinetiq makes. Ouch
US Department of Justice lays out cybersecurity basics every company should practice (Network World) The mantra is old, grant you, but worth repeating since its obvious from the amount of cybersecurity breaches that not everyone is listening. Speaking at the Georgetown Cybersecurity Law Institute this week, Deputy Attorney General of the United States James Cole said there are a ton of things companies can do to help government and vice-versa, combat cyber threats through better prevention, preparedness, and incidence response
Should businesses retaliate when they get hacked? (FierceCIO: TechWatch) The Commission on the Theft of American Intellectual Property, in its "The IP Commission Report," recently suggested that businesses strike back at online attackers and hackers. You can read more about the suggestions here
Report: Companies should strike back at hackers (FierceCIO: TechWatch) Let businesses strike back at online attackers and allow them to retrieve stolen information from the origin networks. This summarizes one of the recommendations outlined in "The IP Commission Report," put together by the Commission on the Theft of American Intellectual Property. The report can be downloaded here
White House Announces Mobile Security Guidelines (InformationWeek) U.S. CIO VanRoekel says future for government is one where mobile is the default computing platform; highlights accomplishments of Digital Government Strategy
Research and Development
DISA to Spend Summer Exploring Security in the Cloud (SIGNAL) A hand-picked group of the U.S. Defense Department's top information technology experts will work with a giant in the cloud computing industry to determine how security will play a part on the military's migration to the cloud
Scanner identifies malware strains, could be future of AV (Help Net Security) When it comes to spotting malware, signature-based detection, heuristics and cloud-based recognition and information sharing used by many antivirus solutions today work well up a certain point, but the polymorphic malware still gives them a run for their money. At the annual AusCert conference held this week in Australia a doctorate candidate from Deakin University in Melbourne has presented the result of his research and work that just might be the solution to this problem
Next On Deck For Khan Academy: Better Diagnostics And Internationalization (TechCrunch) Even though Sal Khan is now running a platform that serves 6 million students and people a month, he's still churning out a couple videos a week. What's been most recently on deck? World War I. To make a video, Khan says he'll front-load several books worth of reading on everything from the Armistice Day to the sinking of the Lusitania. Then he'll start to make videos once
Hopkins closes science writing program, citing low selectivity (Baltimore Sun) Graduates of the Johns Hopkins University's master's program in science writing have explained the prospects of life on Mars, the promise of neuroscience research and the ethics of animal testing on the pages of Scientific American, Nature and Popular Science, on the airwaves of NPR and in books
Cybersecurity expert adds CNN contributor to his resume (The Exponent) In between attending meetings in Washington D.C. and teaching computer science students, one professor hopes to teach understanding about the cost of losing something important
Legislation, Policy, and Regulation
Four-star general in eye of US cyber storm (Reuters) The dual role means Alexander has more knowledge about cyber threats than any other U.S. official, since the NSA already protects the most sensitive U.S. data, extracts intelligence from foreign networks and uses wiretaps to track suspected terrorists
Government wants more Indian software for better cyber security (Economic Times) Government wants home-grown software to protect vital information of country instead of foreign ones.Government wants home-grown software to protect vital information of country instead of foreign ones. The country's top security agencies are not happy that they have to rely on foreign-made security software from the likes of Symantec and McAfee to protect India's critical information technology infrastructure
Cyber Command all set to be reality for Armed forces (Economic Times) The Armed forces are in the process of finalising a proposal to set up a Cyber Command and it would soon become a reality, Defence Minister A K Antony said today. "The Armed forces are making arrangements and they are in the process
Dutch Minister to clamp down on computer crime, sanction Skype taps (Forensic Focus) New legislation will make it possible for police and justice ministry officials to hack into suspects' computers even if the server is abroad, and tap into Skype conversations, according to various media reports. Nos television says justice minister Ivo Opstelten has drawn up a draft bill to tackle computer-related crimes because current rules are outdated
Litigation, Investigation, and Law Enforcement
Senator Graham Urges Special Counsel on U.S. Reporter Probes (Bloomberg BusinessWeek) A special counsel or other independent investigative body should be named to probe the U.S. Justice Department investigations involving journalists, Senator Lindsey Graham said
Leak investigations: What happens to those under the microscope? (Bend Bulletin) William Binney, a retired National Security Agency official whose career was derailed and life changed when he was investigated as part of an inquiry into a 2005 New York Times article, at home in Severn, Md., May 25, 2013. Details of investigations
What can government snoops get by with? (WND) Big Brother has become more emboldened than ever with the recent revelation that the Justice Department had obtained from telephone companies the records of Associated Press and other reporters to investigate an alleged national security leak, according to a report in Joseph Farah's G2 Bulletin
How Prosecutors Fought to Keep Rosen's Warrant Secret (New Yorker) The Obama Administration fought to keep a search warrant for James Rosen's private e-mail account secret, arguing to a federal judge that the government might need to monitor the account for a lengthy period of time
Press Sees Chilling Effect in Justice Dept. Inquiries (New York Times) James Bamford, author of the 1983 best seller "The Puzzle Palace" about the National Security Agency, said these latest leak cases make it increasingly difficult to establish new source relationships and that affects his reporting over all
Is The FBI Dumb, Evil, Or Just Incompetent? (TechCrunch) Your government is worried. The world is "going dark." Once upon a time, telephones were the only way to talk to someone far away, and the authorities could wiretap any phone they wanted. Nowadays, though, suspects might be communicating via Facebook, Google Hangouts, WhatsApp, Snapchat, Skype, Viber. And so, inevitably: "Today, if you're a tech company that's created a new and popular way
Reports: Liberty Reserve Founder Arrested, Site Shuttered (Krebs on Security) The founder of Liberty Reserve, a digital currency that has evolved as perhaps the most popular form of payment in the cybercrime underground, was reportedly arrested in Spain this week on suspicion of money laundering. News of the law enforcement action may help explain an ongoing three-day outage at libertyreserve.com: On Friday, the domain registration records for that site and for several other digital currency exchanges began pointing to Shadowserver.org, a volunteer organization dedicated to combating global computer crime
Trained pros should lead discovery (SC Magazine) Recently, Judge Shira Scheindlin of the Southern District of New York found custodial self-collection inadequate in certain circumstances (National Day Laborer Organizing Network, et al. v. United States Immigration and Customs Enforcement Agency, et al.). As she stated in her opinion: "Most custodians cannot be 'trusted' to run effective searches because designing legally sufficient electronic searches in the discovery or Freedom of Information Act (FOIA) contexts is not part of their daily responsibilities"
Idaho State University to pay HHS $400K after investigation reveals shoddy security (SC Magazine) Idaho State University (ISU) this week settled with the U.S. Department of Health and Human Services (HHS) for $400,000 in the wake of a data breach that exposed the personal information of 17,500 patients. Reported in August 2011, the incident at Pocatello Family Medical Clinic happened because of a disabled firewall maintained by the university, which oversees 29 outpatient clinics, according to HHS. About six of those clinics must follow Health Insurance Portability and Accountability Act (HIPAA) Security and Privacy rules, while the others aren't considered "covered entities," likely because of reasons such as they don't conduct electronic billing, an HHS spokeswoman told SCMagazine.com on Thursday
FTC Is Said to Begin a New Inquiry on Google (New York Times) Google's rivals have again prompted antitrust investigators at the Federal Trade Commission to examine the company's business practices, and staff members have begun a preliminary look at whether Google abuses its market dominance
For a complete running list of events, please visit the Event Tracker.
IEEE-Cyber 2013 (Nanjing, China, May 26 - 29, 2013) This conference will cover cyber physical systems, cyber control and automation, cyber robotics, and the Internet of things.
Cyber Security @ CeBIT (Sydney, New South Wales, Australia, May 28 - 30, 2013) The Cyber Security Conference will serve as a platform where all those involved in securing and governing ICT within an organisation can discuss the newest challenges and strategies. The event is a must-attend for CIOs, CSOs, CISOs, Chief Risk Officers, Heads of Governance and Compliance and IT Directors. It is predicted that security service spending in Asia-Pacific will reach $7 billion in 2015, so ensure that you are investing in the best technologies for your business by joining us at the Cyber Security Conference on 28 May 2013 and hearing from leading financial institutions, retailers, airlines, telecoms companies and government.
Private Sector Crossovers: Protecting People, Property and Information (, Jan 1, 1970) With its annual cyber conference on May 29, the Howard County Chamber of Commerce and its GovConnects initiative will offer expert speakers on cyber security and efforts to protect government agencies and private industry. There will be opportunities for informal networking and formal, targeted match-ups for businesses interested in making connections with government contractors and agencies.
Cyber Security for the Chemical Industry (Franfurt, Hessen, Germany, May 29 - 30, 2013) It is becoming increasingly more important than ever to be aware of the latest cyber threats, and equipped to protect your company from them. In addition to physical security, these industries are faced with the ever-increasing risk of cyber attacks to their DCS and SCADA infrastructure networks as well as their R&D networks. These attacks can have a costly affect not only on profits, but also corporate reputation.
DGI Cyber Security Conference & Expo (Washington, DC, 2013, May 30, 2013) Data security threats continue to increase in number and sophistication. The growing use of collaborative technologies - from mobile devices and social media to virtualization and cloud computing - will continue to be one of the most significant factors impacting the security landscape. For these reasons, the federal government has increased efforts to minimize and prevent cyber security attacks, and will continue to place significant focus on securing the nation's cyber infrastructure.
Diversity Careers in Cybersecurity Symposium (Baltimore, Maryland, USA, May 30 - Jun 2, 2013) The 2013 Diversity Careers in Cybersecurity Symposium creates opportunities for networking and learning. We invite top executives to give presentations on topics ranging from leadership best practices to industry trends in technology. With 30,000 jobs in Cyber Security going unfilled in Maryland alone, the focus for 2013 is building the pipeline to fill the growing need.
Recent Advances in Reverse Engineering (RARE) (San Francisco, California, USA, Jun 1 - 2, 2013) The goal of the rare conference is to provide a venue where people interested in the analysis of binary programs can speak to one another directly, and to form a common language outside of their respective hyper-specialized, individual niches.
2013 St. Louis CISO Summit (, Jan 1, 1970) Be on the forefront of a new global initiative where today's world-class leaders in information security will gather to navigate through international waters. Join these leaders as they follow the wind of change that is sweeping through the IS community motivating today's information guardians to develop a new way of thinking to ensure success in protecting their respective organizations.
Consumerization of IT in the Enterprise Conference and Expo (San Francisco, California, USA, Jun 2 - 4, 2013) From smartphones to mobile apps, social software and 4G networks, the wave of innovation in the consumer space is transforming the way companies do business, both inside and outside of the enterprise. Over two and a half action packed days, CITE 2013 will bring together IT and business executives, venture capitalists and other practitioners to showcase leading efforts and teach others how to make the most of this transformation.
Pen Test Berlin 2013 (Berlin, Germany, Jun 3 - 9, 2013) SANS Pen Test Berlin 2013 takes place from June 3rd to June 8th in the Radisson Blu Hotel on the bank of Berlin's River Spree. SANS will offer penetration testing courses as well as a series of presentations and social events. The training offers the opportunity to participate in NetWars.
CyCon 2013: 5th International Conference on Cyber Conflict (Tallinn, Estonia, Jun 4 - 7, 2013) CyCon 2013 is an annual NATO Cooperative Cyber Defence Centre of Excellence conference that is conducted with the technical cooperation of the IEEE Estonia Section. CyCon 2013 will focus on the technical, strategic and legal implications of using automatic methods in cyber conflicts. The conference will be organized along two tracks: a Strategic Track and a Technical Track. Legal aspects will be incorporated in these two tracks.
NSA SIGINT Development Conference 2013 (Fort Meade, Maryland, USA, Jun 4 - 5, 2013) The National Security Agency is responsible for providing foreign Signals Intelligence (SIGINT) to our nation's policy-makers and military forces. SIGINT plays a vital role in our national security by providing America's leaders with critical information they need to defend our country, save lives, and advance U.S. goals and alliances globally. The exposition will be unclassified and will consist of a one-day event as an adjunct to the SIGINT Conference. The conference sessions will be conducted in a classified area in close proximity to the exhibits.
U.S. Census IT Security Conference and Exposition (Suitland, Maryland, USA, Jun 5, 2013) The Census Bureau's Information Technology Security Office (ITSO) and the Census Bureau's Data Stewardship Office is putting together a series of workshops on 'Information Security' and 'protecting your information' to lead up to their Annual IT Security Awareness Conference. This specific workshop will take place on June 5, 2013 with a focus on Security Issues..
Capital Connection 2013 (Washington, DC, USA, Jun 5 - 6, 2013) Capital Connection™, a MAVA premier event, is designed for seasoned executives, entrepreneurs, and investors at all stages to come together under one roof to expand their innovations, create industry connections, or grow their enterprise. It is one of the nation's most respected industry conferences with more than 800 attendees each year who share a common goal of enhancing our technological ecosystem.
RSA Conference Asia Pacific 2013 (Singapore, Jun 5 - 6, 2013) Join your fellow information security professionals at the inaugural RSA Conference Asia Pacific, where we'll be discussing security issues from both a global and Asia Pacific perspective. Delegates will be able to attend keynote sessions presented by leading information security industry experts and guest speakers, and choose from approximately 50 sessions.
29th Annual INSA William Oliver Baker Award Dinner (Washington, DC, USA, Jun 7, 2013) his year's awardee is General Michael V. Hayden, former Director of the Central Intelligence Agency and the National Security Agency. Registration is now open and tables are available for purchase.
2013 Cybersecurity Innovation Expo (Baltimore, Maryland, USA, Jun 10 - 13, 2013) Do not miss the opportunity to participate in the 2013 Cyber Innovation Forum with active participation from National Institute of Standards and Technology (NIST), the National Security Agency (NSA), and the Department of Homeland Security (DHS). This four-day event will take place at the Baltimore Convention Center on Monday, June 10 - Thursday, June 13 with the exposition taking place June 11-12.
CISSE 17th Annual Colloquium (Mobile, Alabama, USA, Jun 10 - 13, 2013) The Colloquium for Information Systems Security Education will meed in Mobile to discuss topics of great interest to our community, including cyber security education, certification, and accreditation.
3rd annual Cyber Security Summit (, Jan 1, 1970) Over the last 2 years, the summit has gathered 150+ senior Defence, National Security and Industry executives to address current and emerging cyber threats to Australia's security. Now in its 3rd year, ADM Cyber Security aims at: reviewing solutions to the ever increasing level of attacks, whether real or potential, [and] equipping all stakeholders with a wide range of actionable strategies.
NovaSec! (McLean, Virginia, USA, Jun 13, 2013) NovaSec! is Northern Virginia's largest Cybersecurity and physical security networking event of the year. We are bringing together security professionals from commercial and government organizations with members of local Northern Virginia businesses and associations to allow participants to meet, interact on key issues and provide a unified forum to network with likeminded individual.
Suits and Spooks La Jolla 2013 (LaJolla, California, USA, Jun 15 - 16, 2013) Exploring Cyber Warfighting and Threat Mitigation for Corporations and Governments. The original concept for this event was to look at what special operations forces and corporate CERTs or SOCs have in common…it readily became apparent that two broad areas kept coming up: threat mitigation through intelligence and active defense (a.k.a. offense as defense). San Diego is a wonderful location for exploring this theme thanks to its military and high technology industries. The FBI, NCIS, DOD, academia and some cutting edge INFOSEC startups will be represented.
25th Annual FIRST Conference (Bangkok, Thailand, Jun 16 - 21, 2013) The annual FIRST conference provides a setting for conference participants to attend a wide range of presentations delivered by leading experts in both the CSIRT field and from the global security community.
Hack in Paris (Paris, France, Jun 17 - 21, 2013) This five day event will examine forensics, malware analysis, and corporate hacking techniques, and what could be better, it is held at the Euro Disney conference center outside of Paris. It has attracted a stellar lineup of speakers and promises to be a very technical event with heavy emphasis on training. This is its second year.
2013 ICAM Information Day and Expo (Washington, DC, USA, Jun 18, 2013) This day provides a forum for the Identity, Credential and Access Management (ICAM) community to get first-hand information on current identity management and related technologies.
Buzzword Forensics: Mobile is the Future…and the Future is Now (Laurel, Maryland, Sioux Falls, Jun 18, 2013) Digital forensics is evolving, as all forensic sciences must evolve. With the explosive growth of the Internet as context, the discipline of digital forensics has evolved significantly since the last millennium. In today's talk we briefly explore this evolution from the Paleolithic last millennium to our present, and increasingly mobile ecosphere. Mobile device forensics has something old and something new. Open source and commercial tools have had spotty records over the years with respect to mobile device forensics. We will explore some of the similarities and look explicitly at some of the major differences between classic computer forensics and mobile device forensics, using demos of Android forensics as an exemplar. Al Holt, adjunct professor at Towson University, will be the presenter.
NASA National Capital Region Industry Days (Washington, DC, USA, Jun 25 - 27, 2013) This dedicated Information Technology Expo - sponsored by the Office of the Chief Information Officer - will serve as a focal point for NASA personnel to learn about the latest products and advances in the marketplace.
AFCEA International Cyber Symposium 2013 (Baltimore, Maryland, USA, Jun 25 - 27, 2013) Cyber threats and challenges grow every day. Successfully defending our networks requires a team approach. With this in mind, the Cyber symposium will engage the key players, including the U. S. Government, the International Community, Industry and Academia, to discuss the development of robust cyberspace capabilities and partnerships. The AFCEA International Cyber Symposium 2013 focuses on the critical missions of U.S. Cyber Command and the interface with Army Cyber Command, Marine Corps Forces Cyber Command, 10th U.S. Fleet Cyber Command, 24th Air Force Cyber, Department of Homeland Security, U.S. Coast Guard, DoD-CIO, National Security Agency (NSA), Defense Information Systems Agency (DISA), Defense Advanced Research Projects Agency (DARPA), Academia, Industry partners. The operational theme " Defining Full Spectrum Global Cyberspace Operations" will explore the operational security of DoD and Industry Networks, Cyber Operations with Joint and Coalition partners, and discuss the training and development of the cyber workforce.
ShakaCon (Honolulu, Hawaii, USA, Jun 25 - 28, 2013) This is the fifth year this "laid back security conference in paradise" is being held. Some solid presentations and training on malware analysis and penetration testing. After all, what could be better than "sun, surf, and C Shells?" There are intensive training classes on hacking mobile apps and even lock picking (the set of tools is included in the class registration).
American Technology Awards Technology and Government Dinner (Washington, DC, USA, Jun 30, 2013) TechAmerica Foundation hosts its Eleventh Annual Technology and Government Dinner at the Ronald Reagan Building in Washington DC. The dinner continues to serve as the premier Washington, DC technology networking event bringing hundreds of tech industry, congressional, and government leaders together at one venue to celebrate the partnership between industry and government.