The CyberWire Daily Briefing for 6.11.2013
Anonymous Turkey hacks Fox and VodaSoft. Hacktivists in Myanmar also raid media sites, but their sympathies lie with the regime.
Several new threats and vulnerabilities are reported. Companies accepting Bitcoins may also be accepting privacy problems for their customers. Android bank fraud Trojans now spread by Bluetooth. New backdoor malware is detected in Asia. The Apple Store is found susceptible to cross-site scripting attacks. A botnet built of unpatched Plesk servers has emerged. Self-propagating versions of ZBOT appear in the wild. McAfee corrects its earlier assessment and says Koobface is becoming less prevalent.
Reporters who broke the PRISM story say more revelations are on the way. Industry analysts worry the affair is damaging US exports of IT products and services: InformationWeek, for example, concludes no data are secure when entrusted to a commercial service provider.
PRISM also draws attention to contracting in the US Intelligence Community, with several editorials suggesting that contractors pose a particular security risk (hard as that may be to square with the ongoing Wikileaks court-martial). National Security Agency surveillance programs conducted under the Foreign Intelligence Surveillance Act do seem to have kept bipartisan support in the US Senate (notably with Senators Feinstein and McCain); the House will receive a full briefing soon.
The Guardian, which has covered PRISM closely, helpfully reviews anonymizing products. In the UK HM Government denies illegal spying on HM subjects. Quartz finds US surveillance mild compared to Canadian, Italian, and Indian collection.
Today is Patch Tuesday, and Microsoft is expected to issue five fixes.
Notes.
Today's issue includes events affecting Canada, China, Cuba, Egypt, European Union, Germany, India, Iran, Israel, Italy, Democratic People's Republic of Korea, Myanmar, Pakistan, Saudi Arabia, Syria, Turkey, Turkmenistan, United Kingdom, United States, Uzbekistan, and Vietnam.
Cyber Attacks, Threats, and Vulnerabilities
Anonymous Turkey Hackers Hit Fox, VodaSoft (eSecurity Planet) More than 6,000 user names, e-mail addresses and passwords were published online
Israel under 'non-stop' cyber attack from Iran (Computing) Israel's computer systems are subject to constant cyber attacks from Iran, Lebanon and Palestine, the country's Prime Minister Benjamin Netanyahu has claimed. While giving no indication about the number of attacks, Netanyahu told a cyber security
Internet Gurus Fear Iranian Assassins (Cyberwarzone) For two years now Iran has been more energetically getting into Information War. This includes defense (a special Internet censorship unit) and offense (a Cyber War operation that is being detected more frequently on networks outside Iran)
Hackers "a major threat" to independent media in Myanmar (Eleven Myanmar) The Eleven Media Group was victim of yet another malicious cyber attack on Saturday night by a hacker group bent on instigating religious hatred and silencing the independent press in Myanmar
Potential privacy problems for companies accepting Bitcoins (Help Net Security) Businesses accepting Bitcoin payments might want to consider the privacy implications that such an option creates for its customers and for themselves
Android Trojans spread by Bluetooth, hijack bank codes (CSO) Mobile malware gets more complex, defeats two-factor authentication
New backdoor malware 'KeyBoy' used in targeted attacks in Asia, researchers say (CSO) The malware steals credentials and allows attackers to execute commands on infected computers, researchers from Rapid7 said
Apple Store Vulnerable to XSS (Threatpost) There is a cross-site scripting vulnerability in the Apple Store Web site that is exposing visitors to potential attack. The vulnerability was discovered by a German security researcher who says he informed Apple about the problem in mid-May, but the vulnerability still exists
IRC Botnet Leveraging Unpatched Plesk Vulnerability (Threatpost) A sizable number of web servers running vulnerable Plesk software including a number of Apache servers make up a new IRC botnet
NSA Whistleblower Article Redirects to Malware (Threatpost) The Washington Free Beacon's website has been attacked and malware is redirecting visitors to a site hosting the ZeroAccess rootkit and scareware
Going Solo: Self-Propagating ZBOT Malware Spotted (TrendLabs Security Intelligence Blog) Who says you can't teach old malware new tricks? Recently, we reported on how ZBOT had made a comeback of sorts in 2013; this was followed by media reports that it was now spreading via Facebook. Now, we have spotted a new ZBOT variant that can spread on its own
Fake 'Unsuccessful Fax Transmission' themed emails lead to malware (Webroot Threat Blog) Have you sent an eFax recently? Watch out for an ongoing malicious spam campaign that tries to convince you that there's been an unsuccessful fax transmission. Once socially engineered users execute the malicious attachment found in the fake emails, their PCs automatically join the botnet of the cybercriminals behind the campaign
McAfee says it goofed over Koobface infection rates (SC Magazine) The prevalence of the Koobface worm, best known for its rampage through Facebook and MySpace a few years back, continues to decline, McAfee now admits. The security company said it erred when it reported last week as part of its first-quarter threat report that rates of the malware dramatically were climbing
False E-mails Confirming Order for TV with Amazon Target Innocent Internauts (SPAMfighter News) BitDefender the security company has reported of genuine-appearing order substantiation e-mails during the end-week of May 2013 that seemingly arrived from Amazon.com the popular Internet retail shop about a 55-inch television, and hit Internauts
Sutter Health Acknowledges Security Breach (eSecurity Planet) Approximately 4,500 patients' names, Social Security numbers, birthdates, addresses and phone numbers may have been exposed
Hetzner Hacked (eSecurity Planet) All clients are being asked to change their passwords. The German Web host Hetzner recently notified its clients that its technicians had discovered a backdoor in one of its Nagios internal monitoring systems
PRISM - not as bad as you thought? (And don't call it PRISM!) (Naked Security) You've almost certainly heard about PRISM, an abbreviation that has come to mean "US surveillance of everything." Since Naked Security first wrote about this unfolding drama last week, a raft of new information has come to light
NSA Dragnet Debacle: What It Means To IT (InformationWeek) PRISM shows companies can't assume their data is safe in the hands of commercial providers
Greenwald Says 'There's A Lot More Coming,' Argues NSA Revelations Don't Harm Security (Talking Points Memo) The Guardian's Glenn Greenwald on Monday defended the 29-year-old who served as the source of one of the biggest intelligence leaks in history, arguing that the revelations of the National Security Agency's sweeping surveillance programs only harmed "those in power who want to conceal their actions and their wrongdoing" while also foreshadowing future bombshells
Security Patches, Mitigations, and Software Updates
June 2013 Patch Tuesday features five security updates, rolls out today (WinBeta) Microsoft is set to roll out five security updates as part of June 2013 Patch Tuesday, which takes place today June 11th. Of the five updates, only one is labeled as Critical, the most severe level of updates. On top of the Critical update, there will also be four Important updates
Apple announces a slew of updates to iCloud (Ars Technica) Apple has announced new features to its iCloud service during its annual developer conference in downtown San Francisco. The Cupertino-based technology giant introduced the iCloud Keychain, a cloud-based storage locker and password management tool, in addition to iWork for iCloud, the company's long-awaited browser-based office suite that has been pegged as Apple's answer to Google Docs
Google Adds Detection For Obad Malware (Security Ledger) Just a follow-up to our story from last week on Obad, the new family of mobile malware that affects Google Android devices: In an e-mail to The Security Ledger on Friday, Google acknowledged the existence of the Trojan horse program and has updated its detection tools to be able to identify it
Cyber Trends
Gartner: 7 major trends forcing IT security pros to change (NetworkWorld) Mobile and cloud computing among "nexus of forces" putting pressure on CISOs. Enterprises are under heavy pressure to change their approach to IT security because of a "nexus of forces" that include big data, social networking, mobile and cloud computing, according to Gartner
Willis Report: Majority of Public Companies Indicate Cyber Attack Would Cause "Serious Harm" or "Adversely Impact" Their Firms (NASDAQ) A majority of the U.S. listed Fortune 500 firms are following the U.S. Securities and Exchange Guidelines by providing some level of disclosure regarding cyber exposures, with more than half indicating their
Immature approach to cyber threats placing companies at risk (Actuarial Post) Despite mounting concerns about the consequences of a cyber attack on their customers and reputations, many leading European organisations are still taking an immature approach to cyber risk and have yet to fully embed cyber threats into their risk
Cyber Insurance Take-Up Rate Among Fortune 500 Very Low (PropertyCasualty360) More than half of Fortune 500 firms disclosing cyber risk vulnerability believe their firms would be seriously harmed by a cyber-attack, but many are still unprepared for one, shows a Willis North America study. The top three cyber risks identified by
AT&T: Nearly Nine Out Of Ten Businesses Take Proactive Approach To Security (Dark Reading) Latest AT&T annual business continuity study brings to light several trends regarding how businesses are preparing themselves for potential disasters and threats
MN Expert: Cyber Attacks Rising, Target Small Businesses (KAALtv.com) We know tornado season, but we quite, we can never predict the cyber attack season. That's why we as citizens need to be vigilant," said Gopal Khanna, who is also the founder of the state's Cyber Security Summit. According to a Symantec internet
Marketplace
Contractors to Handle Marines Corps' Cyber Arsenal (Nextgov) One-third of the 1,000 personnel slated to handle cyber weapons for Marine Corps troops overseas will be contractors, according to the chief of the service's cyber command. Providing outsiders with inside knowledge of the military's cyber operations
Pentagon bids for $23 billion to combat cyberthreats (ZDNet) The Pentagon has called for $23 billion to be spent through fiscal 2018 to combat global cybercrime
House committee passes $522.1 billion National Defense Authorization Act (FierceGovernment) The House Armed Services Committee passed on June 6 their version of the fiscal 2014 national defense authorization act, specifying $552.1 billion in overall spending for base national defense and an additional $85.8 billion in overseas contingency operations
NSA leaks put focus on intelligence apparatus's reliance on outside contractors (Washington Post) Booz Allen Hamilton, which hired the 29-year-old Snowden three months ago to work at the NSA, has been a leader among more than 1,900 firms that have supplied tens of thousands of intelligence analysts in recent years, including technologists and field
Leak highlights risk of outsourcing US spy work (Economic Times) A special website lists job openings for those with security credentials, clearancejobs.com, with positions advertised such as "Intelligence Analyst 3/Targeter" for Northrop Grumman
Snowden highlights links between private sector and spies (Moneycontrol.com) Booz Allen, along with other defence companies such as General Dynamics, and Lockheed Martin, have generated millions in revenues from cybersecurity and other intelligence contracts with the US government. The shift towards widescale outsourcing by
Amid Rise Of Outsourcing, Shakier Vetting (Washington Post) The unprecedented leak of top-secret documents by National Security Agency contractor Edward Snowden raises far-reaching questions about the government's rush to outsource intelligence work to contractors since the Sept. 11, 2001, terrorist attacks
Our Privatized National Security State (NationalJournal.com) But these denials obscure a larger truth: The government's massive data collection and surveillance system was largely built not by professional spies or Washington bureaucrats but by Silicon Valley and private defense contractors
Should Private Contractors Do National Security Work? (Washington Post) There are a ton of important questions raised by the national security disclosures leaked to The Washington Post and the Guardian news organizations by Edward Snowden
Yahoo, Google, Facebook and more face fight to salvage reputations over NSA leaks (Guardian) Microsoft, Yahoo, Google, Facebook, PalTalk, AOL, Skype, YouTube and Apple have been floundering for a response
The (Not-So) Curious Case of Zuckerberg and Page's Noticeably Similar PRISM Denials (Slate) A pair of Internet heavyweights have weighed in on the NSA's PRISM program, presenting a noticeably united front--in the eyes of some, perhaps curiously so. See if you can spot the similarities
Will Twitter Emerge as the Big Hero in PRISM Saga? (Slate) The Washington Post and the Guardian may have been the first to report the news that the National Security Agency had obtained access to the central servers of major Internet companies, but, a day later, the New York Times does a good job of catching up. The Times' Claire Caine Miller (and, to be fair, eight other reporters credited at the bottom of the story) provides a detailed account that, at least at first glance, appears to reconcile some of the initial contradictions. One of the notable aspects of the account that is worth highlighting though is how Twitter simply refused to cooperate. So far at least, it seems the microblogging social network was the only major tech company that refused to make it easier to turn over data to the government
Booz Allen's Top-Secret Workforce (Wall Street Journal) Mr. Snowden said his role as a systems administrator at NYSE-listed Booz Allen gave him wide-ranging access to the surveillance systems used by U.S. intelligence agencies. ... million contract to provide the U.S. Marine Corps headquarters with
Seven facts about Booz Allen Hamilton (Washington Post) The leaker of sensitive documents from the National Security Agency, Edward Snowden, was an employee of Booz Allen Hamilton, one of the largest and most successful contractors for defense and intelligence agencies
Booz Allen Hamilton A Major Player In Intelligence Community (WYPR) Back in the U.S., the leaks have put a spotlight on the company Edward Snowden worked for. Booz Allen Hamilton is one of the largest private contractors that does intelligence work for the government. Its share of the work keeps getting bigger, and as
How The Intelligence Community Is Undermining American Technology Companies In Europe (Slate) I alluded to this in a previous post, but spending a little time in Brussels really drives home the extent to which American national security agencies' internet snooping is making trouble for American high tech companies
Lunarline wins Federal Transit Administration security consulting contract (Government Security News) Cyber security company, Lunarline, Inc., announced on June 10 that it has been awarded a prime contract with the Federal Transit Administration (FTA), a division of the U.S. Department of Transportation (DOT), under which it will provide its Security Assessment and Authorization (SA&A) support to help ensure that the FTA establishes a highly secure information technology environment
BAE boosts cyber defence recruits (Orange UK News) Almost half of graduates and trainees being recruited by BAE Systems this year will join the firm's growing cyber and security subsidiary, Detica
DoJ clears Softbank's acquisition of Sprint (FierceMobileIT) The U.S. Department of Justice has cleared Softbank's acquisition of 70 percent of Sprint Nextel (NYSE: S) for $20 billion
Former WH Cyber Director Sameer Bhalotra Joins Damballa Advisory Board (GovConExec) Dr. Sameer Bhalotra, formerly a White House senior cybersecurity director, has joined the board of advisers at threat protection provider Damballa
CSC resets with inward look (Washington Technology) Company's transformation starts with 'getting fit' phase. Computer Sciences Corp. spent much of 2012 adjusting some contracts and trying to hold onto others. In March, CSC restructured its $3.7 billion, problem-plagued IT contract with the United Kingdom's National Health Service to deliver healthcare solutions and services. And it corrected security problems in the cloud-based Google e-mail system CSC had been building for Los Angeles municipal workers
Products, Services, and Solutions
NSA surveillance: is it possible to exist online without casting a digital shadow? (Guardian) If individuals believe maintaining their online security is worth it, there are alternatives to the likes of Google
MBS-W03 - STAMP: An Automated Unknown Zero-Day Vulnerability Discovery System for Mobile Platforms (RSA Conference) STAMP (Security Testing Arsenal for Mobile Platforms) is an automated software pipeline to discover unknown zero-day vulnerabilities in mobile platforms. Using STAMP, we have uncovered several zero-day vulnerabilities in iOS, Android and Symbian platforms. We will discuss about our system architecture, results, experience and best practices of running a large-scale vulnerability discovery system
Cyber threat hunting service from Dell SecureWorks (Help Net Security) Dell SecureWorks has launched a new Targeted Threat Hunting service aimed at finding cyber attackers who might be lurking in an organization's network
Dell adds identity to the classification of unstructured data (Help Net Security) Dell Software released Dell Quest One Identity Manager - Data Governance Edition Classification Module, the latest solution that adds identity to the classification of unstructured data
Apple Debuts OS X Mavericks, iOS 7, Mac Pro Tube (InformationWeek) At WWDC, Apple shows off its design prowess with a radical makeover for iOS 7 and a forthcoming tube-shaped desktop Mac Pro
TCS Unveils Skills Evaluation Tool for Cyber Operators (The New New Internet) TeleCommunication Systems has unveiled a new tool designed to help enterprises, schools and government agencies measure a person's cybersecurity skills and match them with job requirements
QualysGuard Express Lite released (Help Net Security) "Our mid-sized customers have been using QualysGuard Express due to its ease of use and actionable security results that help organizations fend off cyber
Qualys announces QualysGuard enhancements (SC Magazine UK) Qualys has announced a series of product launches and enhancements…results that help organisations fend off cyber attacks and avoid data breaches
Technologies, Techniques, and Standards
4 Ways to Secure an Apple Mac Browser (eSecurity Planet) It's not just about Java. What can you do to improve the security of Mac browsing? For many years, there was a widely-held notion that Apple Mac users were more secure than their Windows counterparts. In recent years, however, that notion has been challenged. In 2012 Apple Mac OS X users
The future of online authentication (Help Net Security) Recently, Twitter has introduced 2-factor authentication - the latest in a long list of large-scale web services that have taken this step including Google, Microsoft and Dropbox
Microsoft Citadel takedown ultimately counterproductive (Help Net Security) Last week's disruption of nearly 1500 Citadel botnets believed to be responsible for over half a billion US dollars in financial fraud and affecting more than five million people in 90 countries has been welcomed by most security experts, but not all
New expert-level cyber forensics certification (Help Net Security) (ISC)² has developed a new certification, the Certified Cyber Forensics Professional (CCFPSM), as the first global standard for assessing experienced digital forensics professionals' mastery and
Me and my job: Nick Hetrick, senior IS security operations analyst, WellSpan Health (SC Magazine) How do you describe your job to average people? As a member of WellSpan security ops, I take the lead on vulnerability and protection management. I proactively mitigate technical risk for existing systems and new implementations. This role is also responsible for daily operations and support of WellSpan's security controls. I also manage the implementation of new security controls that protect the enterprise
When it Comes to Security, Big Data isn't Big Enough (SecurityWeek) Big Data means different things to different industries and organizations. Today, Big Data not only describes the large and complex data sets that organizations are dealing with, it is also used to describe capabilities found in technologies that produce, process, analyze and protect data
Is your IT department "donating" your attorney-client privilege without your knowledge? (SC Magazine) What if an executive of your company came to you and said, "Look, we've got this data about an incident that happened. If we were sued over the incident and it got out, it would be very embarrassing for us - but I decided to donate the data to some outside organizations for the good of mankind!"
Academia
'We try to collect everything and hang on to it forever': US intelligence agencies' cosy relationship with academia and business may be hard to unwind (The Independent) In Britain GCHQ, the Government's intelligence communications centre, is funding research into cyber threats at Oxford, Bristol, Queen's University Belfast, Southampton, and Imperial, University College and Royal Holloway in London. These "centres of
MOOC-utopia: Who Really Wins? (InformationWeek) Massive open online courses are being promoted "for the students." But others have another agenda
Legislation, Policy, and Regulation
With Snowden in hiding, House to hear about secret surveillance programs (CNN) The entire House of Representatives will get its first briefing Tuesday on the government's recently revealed top secret surveillance programs, while the man behind the leaks continues to hide out, presumably in Hong Kong
Think US snooping is bad? Try Italy, India or…Canada (Quartz) Just because something is legal doesn't necessarily make it a good thing. So far, legality is the main rationale US officials have used to defend the government's PRISM spying program. It's all perfectly legal, approved by Congress and the courts. But a more potent argument might be to compare PRISM with the spying programs of other countries. Compared to the data-mining that goes on elsewhere, US intelligence agencies may be relatively constrained
Debate On Secret Data Looks Unlikely, Partly Due To Secrecy (New York Times) But the legal and political obstacles to such a debate, whether in Congress or more broadly, are formidable. They only begin with the facts that the programs at issue are highly classified and that Mr. Snowden is now a hunted man, potentially facing a prison sentence for disclosing the very secrets that started the discussion that Mr. Obama welcomed
John McCain defends the National Security Agency's surveillance programs (Examiner.com) The National Security Agency (NSA) has at least one high-profile lawmaker standing behind it this week. Senator John McCain (R-Ariz.) took to the airwaves on Sunday and stated that the agency's surveillance tactics were "appropriate"
Poll: Most Americans not worried about gov't phone tracking (Ars Technica) 56% are fine with a phone dragnet, and 45% are OK with email monitoring
NSA surveillance controversy: Much ado about nothing new? (CSO) Privacy experts say the U.S. government has been spying on civilians for years, and it's reached a new, dangerous level
A Surveillance History Lesson (Washington Post) A little history and a little law are needed in the wake of the current uproar over the re-discovery that the National Security Agency has been vacuuming up telephone records of Americans and e-mails, phone messages and other Web data related to suspected overseas terrorists
Big Brother Really Is Watching Us (Wall Street Journal) Monitoring hundreds of millions of phone records is an extraordinary invasion of privacy
Obama should act to counter intelligence community overreach (FierceHomelandSecurity) A country perpetually on a war footing will ultimately defeat itself. That was the laudable message from President Obama just two-and-a-half weeks ago - before revelations of the intelligence community's widespread use of legal authorities to conduct systemic electronic surveillance, including metadata associated with purely domestic telephone calls
"The Foundation of a Very Oppressive State" (Slate) Brian Jenkins is no bleeding heart when it comes to tracking down terrorists. "I'm not squeamish," he said in a phone interview Friday morning. "I don't wring my hands over what has to be done." Jenkins, in fact, is a pioneer in the field of counterterrorism. A former Special Forces soldier and longtime RAND Corporation analyst, he compiled the first database of international terrorists back in 1971, wrote one of the first monographs on the subject in 1974, and has since served as a frequent high-level consultant on the subject
Cyber Command, NSA leadership may be reassessed under fiscal 2014 NDAA (FierceGovernmentIT) The implications of having one person lead both Cyber Command and the National Security Agency would be explored under the fiscal 2014 national defense authorization act that the House Armed Services Committee approved June 6
Section 215 of Patriot Act again under scrutiny (FierceGovIT) Public revelation of a top secret order directing a Verizon unit to turn over to the federal government records pertaining to domestic and international phone calls has thrown new scrutiny over federal interpretation of the Patriot Act allowing the government to obtain "any tangible things" relevant to a terrorism investigation
Disclosures on NSA spying alarm lawmakers, tech companies (Reuters) Recent revelations about the National Security Agency's expansive data-collection efforts have underscored the power of electronic surveillance in the Internet era and renewed an historic debate over how far the government should go in spying on its own people
If the NSA Trusted Edward Snowden With Our Data, Why Should We Trust the NSA? (Slate) Edward Snowden sounds like a thoughtful, patriotic young man, and I'm sure glad he blew the whistle on the NSA's surveillance programs. But the more I learned about him this afternoon, the angrier I became. Wait, him? The NSA trusted its most sensitive documents to this guy? And now, after it has just proven itself so inept at handling its own information, the agency still wants us to believe that it can securely hold on to all of our data? Oy vey
Data Centers Don't Need To Be Regulated Utilities (InformationWeek) New York Times misses the big picture with its take on data centers as "wildcat" utilities that require government oversight
Secret presidential order reveals policies for waging offensive, defensive cyberwar (Washington Free Beacon) It directs the government to identify potential targets for offensive cyber attack. No details are provided, but U.S. officials have said the targets would include digital infrastructure such as electrical power grids, telecommunications, and other key
Obama Seeks China Cooperation on Hacking That Xi Denies (Bloomberg) U.S. President Barack Obama told Chinese President Xi Jinping continued "large-scale theft" of U.S. property from Chinese cyberattacks is inconsistent with the cooperative tone set during two days of talks
U.S.-China Cyber War Holds Key To Dominance (USA Today) Fresh from publicly defending his own administration's cyberspace hanky-panky, President Obama challenged Chinese President Xi Jinping to rein in China's unacknowledged misuse of the Internet to steal some of this country's most important secrets
China vs US, cyber superpowers compared (Infosec Institute Resources) In the last months, the press agencies and government official bulletins have reported several news regarding continuous cyber-attacks having Chinese origin, most of them with cyber espionage purpose, but the risk for sabotage operations is concrete and not to underestimate
Wickham: US-China cyber spying not a big surprise (USA TODAY) But in China, it is this country that is portrayed as the cyber-attack villain. Last month, China's state newspaper, the People's Daily, accused the U.S. of being the real "hacking empire" with a 50,000-member "cyber army." China claims it is a victim
Fresh Start For A Critical Relationship (New York Times) There was never any guarantee that President Obama and President Xi Jinping of China would end their informal talks over the weekend with a deeper and more productive relationship. On too many issues, their national interests diverge
China's Cyber Stonewall (Wall Street Journal) Chinese President Xi Jinping and President Obama emerged from their "shirt-sleeve summit" on the weekend touting new cooperation on climate change and North Korea. The big exception to this new era of good feeling? China's cyber attacks against U.S. private and government targets, on which Mr. Xi gave no ground
Inside The NSA's Ultra-Secret China Hacking Group (Foreign Policy) Deep within the National Security Agency, an elite, rarely discussed team of hackers and spies is targeting America's enemies abroad
Pakistan may un-block YouTube--or it may just block all of Google (Quartz) Pakistan is on its way to becoming a proper democracy, but it's a bumpy road. An elected government just completed its full term and handed over power to another elected government for the first time in the nation's 66-year history as an independent state. As such, the country is anxious to do democratic things, such as allowing its citizens rights of free expression
EU to vote on stiffer penalties for hackers (Help Net Security) Member states of the European Union might soon be creating new laws that will raise minimum prison sentences for convicted cyber attackers and botnet herders. Last week, the European Parliament
The EU's hacker legislation mirrors the US Computer Fraud and Abuse Act (Infosecurity Magazine) "This directive," says rapporteur Monika Hohlmeier, "introduces much-needed common rules for criminal law penalties, and also aims to facilitate joint measures to prevent attacks and foster information exchange among competent authorities"
Comment: A Cultural Spat? Data Protection and Privacy Issues between the EU and US (Infosecurity Magazine) As the EU Commission edges closer to adopting revisions to its Data Protection Directive, US companies will be looking more closely at their IT practices in consumer data retention says Andy Green of Varonis
Litigation, Investigation, and Law Enforcement
UK denies it illegally spied on its own citizens (The National) The UK foreign secretary, William Hague, yesterday dismissed claims that the country's intelligence services had bypassed the law to spy on its citizens. Mr Hague tried to address concerns that Britain had used the US's Prism system to intercept personal information from internet giants such as Apple, Facebook and Google
The Slow-Closing Loophole That Could Save Edward Snowden From Extradition (Slate) As I explained earlier today, NSA whistle-blower/leaker/source Edward Snowden's decision to flee for Hong Kong doesn't look like the wisest decision given the former British colony's existing extradition treaty with the United States. But the GlobalPost's Benjamin Carlson explains one detail that everyone seems to be overlooking: A potential bureaucratic loophole that could buy Snowden some much-needed time while he figures out where he'll go next
U.S. Preparing Charges Against Leaker Of Data (New York Times) Senator Dianne Feinstein, a California Democrat who is the chairwoman of the Intelligence Committee and has praised the programs' effectiveness, said the panel would hold a closed briefing for all senators on Thursday to hear from N.S.A., F.B.I. and Justice Department officials. A similar closed hearing is scheduled for Tuesday in the House
NSA Leaker's Access Examined (Washington Post) Counterintelligence investigators are scrutinizing how a 29-year-old contractor who said he leaked top-secret National Security Agency documents was able to gain access to what should be highly compartmentalized information, according to current and former administration and intelligence officials
National Security Agency contractor risks steep jail time for data leak (9NEWS.com) The man who gave classified documents to reporters, making public two sweeping U.S. surveillance programs and touching off a national debate on privacy versus security, has revealed his own identity. He risked decades in jail for the
Code name 'Verax': Snowden, in exchanges with Post reporter, made clear he knew risks (Washington Post) He called me BRASSBANNER, a code name in the double-barreled style of the National Security Agency, where he worked in the signals intelligence directorate. Verax was the name he chose for himself, "truth teller" in Latin. I asked him early on, without reply, whether he intended to hint at the alternative fates that lay before him
Snooping Concerns Emerge Over Congressional Blackberries Serviced by Verizon (Breitbart Big Government) Amid the revelations that the National Security Agency has been secretly monitoring the records of millions of phone calls across the country via telephone service provider Verizon, Congress is concerned that the NSA's actions may have also captured phone calls of lawmakers and their staffers. It should be noted that Verizon is one of the main service providers to government issued Blackberries members and their staff use to communicate with one another
Inside The 'Q Group,' The Directorate Hunting Down Edward Snowden (The Daily Beast) Even before last week's revelations by The Guardian newspaper that the National Security Agency (NSA) was collecting call records from telecommunications companies and had the ability to mine user data from major U.S. Internet companies, the NSA was already on the trail of the leaker, according to two former U.S. intelligence officers with close ties to the agency
Has the US become the type of nation from which you have to seek asylum? (Washington Post) The whistleblower who disclosed classified documents regarding NSA surveillance to The Washington Post and the Guardian has gone public. He is Edward Snowden, 29, an employee of defense contractor Booz Allen Hamilton
First Lawsuit Over NSA Phone Scandal Targets Obama, Verizon (Wired) The first of what likely will be many lawsuits challenging the constitutionality of the NSA's dragnet phone surveillance program was lodged Sunday, calling the newly disclosed operation an "outrageous breach of privacy
Rights groups ask U.S. spy court for justification of Verizon order (CSO) New research, however, suggests people in the U.S. are willing to compromise privacy for security
DoD made $1.1 billion in improper payments, GAO says (FierceGovernment) The Defense Department made $1.1 billion in improper payments in fiscal 2011, a recently released May 13 Government Accountability Office report says
Tech experts tie WikiLeaks soldier to database breach (Reuters) Computer forensic experts testified on Monday that they traced a break-in to a secret U.S. government website to Bradley Manning, the U.S. soldier charged with the biggest leak of classified files in the nation's history
Sleeping German banker accidentally transfers €222,222,222.22 (Quartz) At least he didn't fall asleep on the "9" key. A German labor court ruled on Monday that a bank supervisor was unfairly dismissed for failing to notice that one of her employees had made a multi-million euro mistake on a transaction. The employee had fallen asleep with his finger on his keyboard while pressing the number two, so instead of transferring €62.40 from a retiree's bank account, he withdrew €222,222,222.22 instead
For a complete running list of events, please visit the Event Tracker.
Upcoming Events
Hack-in-the-Box Security Conference 2013 (Kuala Lumpur, Malaysia, Oct 14 - 17, 2013) The 11th annual HITB Security Conference (16th/17th October) will be a triple track offering featuring keynotes by Andy Ellis, Chief Security Officer at Akamai and Joe Sullivan, Chief Security Officer at Facebook. This year's event also features all new 2-day training courses (14th/15th October) on a wide variety of topics including Android exploitation, extreme web hacking, infrastructure security, exploiting injection flaws and a special iOS security course by the world famous Evad3rs team. The full speaker list and conference agenda will be released after the Call for Papers closes on the 25th of July.
OKTANE 1 (San Francisco, California, USA, Nov 3 - 5, 2013) OKTANE13 is an identity, security and mobility event. Whether you're just getting started with cloud applications, evaluating a mobile strategy, building a hybrid enterprise IT, or looking to make your employees more productive and secure, OKTANE13 will keep you up to date with the latest enterprise technology.
2013 Cybersecurity Innovation Expo (Baltimore, Maryland, USA, Jun 10 - 13, 2013) Do not miss the opportunity to participate in the 2013 Cyber Innovation Forum with active participation from National Institute of Standards and Technology (NIST), the National Security Agency (NSA), and the Department of Homeland Security (DHS). This four-day event will take place at the Baltimore Convention Center on Monday, June 10 - Thursday, June 13 with the exposition taking place June 11-12.
CISSE 17th Annual Colloquium (Mobile, Alabama, USA, Jun 10 - 13, 2013) The Colloquium for Information Systems Security Education will meet in Mobile to discuss topics of great interest to our community, including cyber security education, certification, and accreditation.
Navigating the Affordable Care Act (Elkridge, Maryland, USA, Jun 12, 2013) A workshop for government contractors, the sessions are expected to have some relevance to health care information security and assurance.
3rd annual Cyber Security Summit (location and date not listed) Over the last 2 years, the summit has gathered 150+ senior Defence, National Security and Industry executives to address current and emerging cyber threats to Australia's security. Now in its 3rd year, ADM Cyber Security aims at: reviewing solutions to the ever increasing level of attacks, whether real or potential, [and] equipping all stakeholders with a wide range of actionable strategies.
Suits and Spooks La Jolla 2013 (La Jolla, California, USA, Jun 15 - 16, 2013) Exploring Cyber Warfighting and Threat Mitigation for Corporations and Governments. The original concept for this event was to look at what special operations forces and corporate CERTs or SOCs have in common…it readily became apparent that two broad areas kept coming up: threat mitigation through intelligence and active defense (a.k.a. offense as defense). San Diego is a wonderful location for exploring this theme thanks to its military and high technology industries. The FBI, NCIS, DOD, academia and some cutting edge INFOSEC startups will be represented.
25th Annual FIRST Conference (Bangkok, Thailand, Jun 16 - 21, 2013) The annual FIRST conference provides a setting for conference participants to attend a wide range of presentations delivered by leading experts in both the CSIRT field and from the global security community.
Hack in Paris (Paris, France, Jun 17 - 21, 2013) This five day event will examine forensics, malware analysis, and corporate hacking techniques, and what could be better, it is held at the Euro Disney conference center outside of Paris. It has attracted a stellar lineup of speakers and promises to be a very technical event with heavy emphasis on training. This is its second year.
2013 ICAM Information Day and Expo (Washington, DC, USA, Jun 18, 2013) This day provides a forum for the Identity, Credential and Access Management (ICAM) community to get first-hand information on current identity management and related technologies.
Buzzword Forensics: Mobile is the Future…and the Future is Now (Laurel, Maryland, Sioux Falls, Jun 18, 2013) Digital forensics is evolving, as all forensic sciences must evolve. With the explosive growth of the Internet as context, the discipline of digital forensics has evolved significantly since the last millennium. In today's talk we briefly explore this evolution from the Paleolithic last millennium to our present, and increasingly mobile ecosphere. Mobile device forensics has something old and something new. Open source and commercial tools have had spotty records over the years with respect to mobile device forensics. We will explore some of the similarities and look explicitly at some of the major differences between classic computer forensics and mobile device forensics, using demos of Android forensics as an exemplar. Al Holt, adjunct professor at Towson University, will be the presenter.
NASA National Capital Region Industry Days (Washington, DC, USA, Jun 25 - 27, 2013) This dedicated Information Technology Expo - sponsored by the Office of the Chief Information Officer - will serve as a focal point for NASA personnel to learn about the latest products and advances in the marketplace.
AFCEA International Cyber Symposium 2013 (Baltimore, Maryland, USA, Jun 25 - 27, 2013) Cyber threats and challenges grow every day. Successfully defending our networks requires a team approach. With this in mind, the Cyber symposium will engage the key players, including the U.S. Government, the International Community, Industry and Academia, to discuss the development of robust cyberspace capabilities and partnerships. The AFCEA International Cyber Symposium 2013 focuses on the critical missions of U.S. Cyber Command and the interface with Army Cyber Command, Marine Corps Forces Cyber Command, 10th U.S. Fleet Cyber Command, 24th Air Force Cyber, Department of Homeland Security, U.S. Coast Guard, DoD-CIO, National Security Agency (NSA), Defense Information Systems Agency (DISA), Defense Advanced Research Projects Agency (DARPA), Academia, and Industry partners. The operational theme "Defining Full Spectrum Global Cyberspace Operations" will explore the operational security of DoD and Industry Networks, Cyber Operations with Joint and Coalition partners, and discuss the training and development of the cyber workforce.
ShakaCon (Honolulu, Hawaii, USA, Jun 25 - 28, 2013) This is the fifth year this "laid back security conference in paradise" is being held. Some solid presentations and training on malware analysis and penetration testing. After all, what could be better than "sun, surf, and C Shells?" There are intensive training classes on hacking mobile apps and even lock picking (the set of tools is included in the class registration).
Northern Virginia Technology Council: Security Threats: What Keeps You Awake at Night? (McLean, Virginia, USA, Jun 27, 2013) It's no secret that cybersecurity events are increasing in frequency and intensity. Many of these events are severe and pose significant risk to us as individuals, to our businesses, as well as our economy and national security. We've seen many reports in the press recently of well-funded nation states attempting to pilfer our networks in search of intellectual property. Every day bad guys are trying to gain access to our credit card information and other forms of personal information to steal our money and identities while others brazenly attempt to take over our data and systems and hold them for ransom. How is this happening? What can we do to protect ourselves? This conference addresses these issues.
American Technology Awards Technology and Government Dinner (Washington, DC, USA, Jun 30, 2013) TechAmerica Foundation hosts its Eleventh Annual Technology and Government Dinner at the Ronald Reagan Building in Washington DC. The dinner continues to serve as the premier Washington, DC technology networking event bringing hundreds of tech industry, congressional, and government leaders together at one venue to celebrate the partnership between industry and government.