
The CyberWire Daily Briefing for 1.17.2013
Red October spread by a Java exploit as well as by infected Microsoft documents attached to emails. Its code has significant Russian language traces, but it also used many exploits developed in China for attacking Tibetan activists.
Incapsula publishes its analysis of the Izz ad-Din al-Qassam denial-of-service attack on US banks. Those banks have asked for US Government help, but security analysts doubt help will be forthcoming.
Another Java zero-day is out and selling for $5000 on the black market. North Korea continues its cyber harassment of the South with attacks on newspapers and political teams, and (dangerously) GPS jamming.
More analysis of bouncer list phishing appears. Verizon shares a cautionary tale of truly black-belt slacking: its log audits revealed that a model IT employee with six-figure compensation had in fact outsourced his job to Chinese developers.
Those of you who listened to sports talk radio on your morning commute heard that Notre Dame linebacker Manti Te'o may have been the victim of a catfish—a completely fictitious person with an online identity. It's worth reviewing ways in which Facebook and Twitter can be used by catfish, and also worth reviewing 2009's Robin Sage episode, the biggest catfish of them all.
Researchers find common bugs in SCADA and medical systems.
Industry news includes several executive moves. BlackBerry 10 gets positive advance word-of-mouth. IT staffs worry about "rogue clouds," clouds managers sign up for on their own hook. An Ubuntu Linux version designed for smart phones may challenge iOS and Android.
Notes.
Today's issue includes events affecting Canada, China, Estonia, European Union, Germany, Iran, Ireland, Korea, Pakistan, Russia, Thailand, United Kingdom, and United States.
Cyber Attacks, Threats, and Vulnerabilities
Red October, RBN and too many questions still unresolved (Security Affairs) The recently discovered cyber espionage campaign Red October has shocked the worldwide security community. The principal questions raised are: Who is behind the attacks? How is it possible that the campaign went undetected for so long? What is the role of AV companies in these operations
Surprised? Old Java exploit helped spread Red October spyware (The Register) Unpatched Java installations may have helped spread the malware responsible for the recently uncovered "Red October" cyber-spying campaign, researchers at Seculert have revealed. Kaspersky Labs first disclosed the existence of Red October on Monday, claiming that the program had been responsible for attacks on systems in Eastern European countries, former Soviet republics, and Central Asian nations over the last five years. The primary vectors used to install the malware were emails containing attached documents that exploited vulnerabilities in Microsoft Word and Excel
Incapsula Security Firm Analyze Reality Behind Recent U.S. Cyber Attacks (HackRead) If you remember our article on a wave of DDoS attacks on several American banks, this news is the continual of that news and would be releasing some of the shocking aspects regarding the attacks. Here, we would like to add that these attacks were launched by a hacking group by the name of Izz ad-Din al-Qassam in protest to a video which breaches the Islamic code of law. The hacker is now saying such attacks would keep coming and wouldn't stop until the removal of that video content
Banks fighting cyberattacks unlikely to get government relief soon (CSO) Outside of reaching a diplomatic solution, options available to the government would not stop the attacks quickly, say security experts. Banks seeking help from the U.S. government in battling a campaign of cyberattacks that defense officials say is being led by the Iranian government are unlikely to get much relief without a diplomatic solution, security experts say
Another Java Zero-Day Vulnerability Hits Black Market (InformationWeek) Call it malware cash and carry: Less than 24 hours after Oracle Sunday released a security update that addresses two critical zero-day vulnerabilities in Java that are being actively exploited by attackers, an online vulnerability seller began offering
Yet ANOTHER Java zero-day claimed - but this time you're laughing, right? (Naked Security) The value the seller is placing on this exploit sounds a bit low to me: he's expecting total earnings of just $10,000 for a reliable, working and current Java zero-day. (I don't mean to sound as though I think cybercriminality is glib and workaday
New zero-day Java exploit selling in online forum for $5000 (TechSpot) Earlier this week Oracle rushed out a fix for a critical bug in Java that was reportedly being widely exploited by malicious sites to remotely execute code on a victim's machine. Well, it only took one day after the patch arrived for a different and
Thailand's Ministry of Culture Hacked by Bad Piggies Team (Softpedia) On Wednesday, hackers from the Bad Piggies Team breached and defaced the official website of Thailand's Ministry of Culture (m-culture.go.th)
South Korea Accuses North Korea of Cyberattacks on Newspaper, Transition Team (Softpedia) South Korean officials are accusing North Korea of being behind the cyberattack against the website of the JoongAng Ilbo newspaper and the servers that handle the press rooms at the presidential transition team. Earlier this month, we learned that South Korea was busy training hackers to protect the country against cyberattacks. As it turns out, this is for a very good reason
N.Korea's GPS Jamming Is Terrorism Pure and Simple (Chosun) North Korea has been sending GPS jamming signals since April 28, wreaking havoc with civilian aviation and fishing fleets. Over the last 12 days, 624 passenger planes operated by Korean Air and Asiana Airlines, and 49 foreign carriers were affected by GPS jamming and one U.S. military aircraft on the way from Beijing to Yokohama also experienced disruption. There were four close calls where passenger jets approaching Incheon and Gimpo airports abruptly shifted course when their GPS malfunctioned and landed only after circling the airports
Okara Police Hacked, personal information leaked for #OpSlaughterHouse (HackRead) Thanks to CWN for reporting, the official website of Okara District Police (okarapolice.com) Pakistan was hacked by @ThisISGame0ver for #OpSlaughterHouse. The hacker breached the site and leaked personal information of police officers online; the details contain login details of website administrators' usernames, address, contact details, phone numbers, plain text and encrypted passwords. After looking into the passwords set by the admin for a police site, it shows what terrible and poor security the site has, as the passwords and usernames are the same as their names. For example: Username: Usman and password is Usman as well.
Elion Denies Cyber Attack to Blame for Extensive Outages (Estonian Public Broadcasting) Director of technology for Elion, Kalev Reiljan, said the failure that caused cascading problems at the telecommunication company and digital services provider was a perfect storm of an outage and not caused by cyber attack. "I can completely, definitively and categorically say that this was not due to an external influence," he told ETV
Precision Bouncer List Phishing Kits Keep Targets Inside the Ropes (Threatpost) Just when you thought phishers had exhausted all avenues of innovation, a new tactic has emerged in attacks against financial institutions bringing the level of targeting and geo-filtering to precise new levels. Dubbed bouncer list phishing by RSA Security, these attack kits are built off stolen email lists that are filtered for particular targets, such as a regional bank
Bouncer kit perfect for laser-focused phishing campaigns (Help Net Security) Researchers have unearthed a new type of phishing kit that allows crooks to target specific users and keep away others in order to keep the scheme hidden from knowing eyes and security firms for as long as it's possible
Log audit reveals developer outsourced his job to China (Help Net Security) Log analysis can reveal a lot of security mistakes and fails, but a lot of security sins, too. Take for example the incident recently shared by Verizon's Risk Team: called in by a critical infrastructure company to investigate what seemed to be a breach of its networks by the hands of Chinese-based hackers, they ended up discovering a complex scam perpetrated by one of the company's most respected employees
Notre Dame on imaginary girlfriend fiasco: Manti Te'o was 'victim of hoax' (Raw Story) It was one of the most celebrated stories of heroism in US sport: the college football star who fought through the grief over the death of his girlfriend as he helped his team get to the championship game
Facebook Graph Search is an awesome tool for phishing attacks (CSO) Graph Search makes it easier for cyber criminals to gather relevant details that can be used to target phishing attacks more effectively. Facebook shook the tech world's foundation a bit with the announcement of Graph Search capability. Users are anxious for a chance to play with the new feature, and attackers are looking forward to this potent new weapon, er, tool as well. In a nutshell, Facebook Graph Search is a search engine that allows you to find things based on relationships and context--basically drawing from the limitless pool of Likes, tags, and check-ins posted by a billion Facebook members
How Twitter users can fake a verified account - and how you can tell the difference (Naked Security) Verified accounts on Twitter can help you tell the difference between a real celebrity's account, and those of imposters and over-enthusiastic fans. In this way, you can tell the real @britneyspears apart from the likes of @britney_spears and @britneyspear. A Naked Security reader got in touch this morning asking us how on earth a fictional character (Percy Jackson) had managed to get his Twitter account verified: "How is an RP account verified by Twitter?" We took a look, and sure enough there's a blue verified badge beside @PerseusJackscn's name
A shock in the dark: Flashlight app tracks your location (NBC News) The element of surprise causes hard feelings when it comes to privacy violations, and mobile phone apps are ambushing consumers far too often, according to researchers at Carnegie Mellon University. Researchers at the school's Human-Computer Interaction Institute studied both the data gathered by the 100 most popular programs in Google's Android app store, and how surprised users were when told what the apps were doing. On Tuesday they released a list of the 10 worst offenders in terms of transparency
90 percent of passwords can be cracked in seconds (Infosecurity Magazine) More than 90% of user-generated passwords can be made vulnerable to hacking in a matter of seconds, according to new research from Deloitte. The consulting firm's Canadian Technology, Media & Telecommunications (TMT) Predictions 2013 report covers a range of technology predictions, including the outlook for subscription TV services and 4K televisions, but the vulnerabilities in today's password practices top the list of things to consider in 2013. The problem, researchers said, is that everything that we thought to be true must be reconsidered given advances in technology. "Passwords containing at least eight characters, one number, mixed-case letters and non-alphanumeric symbols were once believed to be robust," said Duncan Stewart, a director of research for the report
Heads-Up - Security Researchers Expose X-ray Machine Bug (Dark Reading) A pair of researchers best known for poking holes in industrial control systems (ICS) products found that medical devices suffer similar security woes after they were able to easily hack into a Philips x-ray machine. Terry McCorkle and Billy Rios, both of Cylance, here today demonstrated how a rudimentary fuzzer they wrote basically gave them privileged user status on the XPER x-ray machine. The machine has inherently weak remote authentication
For Industrial, Medical Systems: Bugs Run In The Family (Security Ledger) On the surface, the kinds of industrial control systems that run a power plant or factory floor are very different from, say, a drug infusion pump sitting bedside in a hospital intensive care unit. But two security researchers say that many of these systems have two important things in common: they're manufactured by the same company, and contain many of the same critical software security problems. In a presentation at a gathering of industrial control security experts in Florida, researchers Billy Rios and Terry McCorkle said an informal audit of medical devices from major manufacturers, including Philips, showed that medical devices have many of the same kinds of software security holes found in industrial control system (ICS) software from the same firms
Whistleblower sheds light on global zero day exploits market (TechEye) The result of their fattening labour are zero-day exploits, bits of custom code specifically tailored to exploit software flaws which have not been made public yet. While they may sound scary to the average user, they are also a vital resource for
Internet Mercenary Gives A Peek Into His Shadowy World (Business Insider) "As technology advances, the effect that zero-day exploits will have is going to become more physical and more real," [Desautels] says. "The software becomes a weapon. And if you don't have controls and regulations around weapons, you're really open to
Security Patches, Mitigations, and Software Updates
Chrome 25 to Support Unprefixed Content Security Policy (Threatpost) Google is continuing to introduce new security technologies in its Chrome browser, and the latest addition on the horizon is support for unprefixed Content Security Policy, a behind-the-scenes improvement designed to prevent malicious script injections. The technology is included in the beta of Chrome 25, which was released earlier this week, and will soon find its way into the stable channel
Novell Patches Vulnerability in eDirectory Product (Threatpost) Novell has fixed a vulnerability in its eDirectory service that could affect users who run the program on some Linux and Windows platforms. The problem, a stack buffer overflow (CVE-2012-0432), is remotely exploitable and can be done without authentication, according to an alert issued yesterday by David Klein on the Full Disclosure mailing lists
Oracle Critical Patch Update Advisory-January 2013 (Oracle) A Critical Patch Update (CPU) is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes
Cyber Trends
Big Data Will Play Key Role In Security's Future, Study Says (Dark Reading) 'Intelligence-driven security' will enable enterprises to deeply analyze security data and assess risk more accurately, RSA report says
Security stories to watch: Patches for Java, IE, and SCADA-pocalypse! (IT World) The patches are out for both Java and Internet Explorer, but this is hardly the end of the story - or the hand wringing. Also: a SCADA-pocalypse! If you work in IT security, this week started off with a bang, as Oracle and Microsoft released critical, out-of-cycle patches to fix serious and exploitable holes in their software. The patches put an end to the haranguing each company was getting from security experts, but it certainly isn't the end of the story - or the hand wringing for organizations already wary of attack
Another Notch In 'Cyber Threat' Rhetoric's Belt: Former UK Head Of Cyber Security Brings 'AIDS Epidemic' Into The Mix (Techdirt) Well, we've seen the always-impending cyberdoom compared to all sorts of horrendous events by legislators and security agencies. The perpetually-just-over-the-horizon cyberattacks have been given catchy names like "cyber-Pearl Harbor" and "cyber-9/11" in an attempt to scare up some support for terrible legislation and expansions of power. The UK's former head of cyber security has taken a slightly different tack, avoiding the terrorist imagery in favor of something even more dubious
Canada infrastructure vulnerable to cyber attack, RCMP report (SC Magazine) Canada remains vulnerable to cyber attacks by "terrorist groups [which] have expressed interest in developing the capabilities for computer-based attacks against Canada's critical infrastructure." The warning was contained in the annual departmental
Company bosses slacking on hacking (Help Net Security) Company bosses across the UK have a complacent attitude toward cybercrime and are inviting criminal attacks due to their sloppy approach to internet security, reveals new research from Swivel Secure
Enterprises uninformed about BYOD security risks, says Frost survey (Fierce Mobile IT) Information security managers believe that enterprises must do more to understand the security implications of the BYOD trend, according to a survey conducted by Frost & Sullivan on behalf of IT security trade group (ISC)2. More than half of the companies surveyed said they allow employees and business partners to connect to their networks, according to the survey results published by ComputerWeekly. A full 78 percent of the 12,000 information security professionals surveyed expressed concern about the security risks associated with BYOD. The biggest concerns include application security and cloud-based systems
Juniper: Mobile wearable device use in enterprise on the rise (Fierce Mobile IT) Enterprises will increasingly use mobile wearable devices for various applications, including warehouse management, according to Juniper Research in a new report. Enterprise wearables include mobile devices such as terminal devices, scanners, display devices, as well as tracking devices used for logistics, factory management and production houses, Nitin Bhas, a Juniper analyst and author of the report, told FierceMobileIT
Mobile technology will be most disruptive enterprise force, predict 2,000 CIOs (Fierce Mobile IT) Mobile technology will be the most disruptive technological force in the enterprise in the coming years, according to a survey of more than 2,000 chief information officers that was conducted by Gartner in the fourth quarter of 2012
BYOD: Sleepless nights ahead for CIOs, IT personnel (Fierce Mobile IT) Recently, Gartner polled an impressive number of chief information officers, 2,053 to be exact, to find out what their business and technology priorities and concerns are for the coming year. While mobile technology ranked second in terms of technology priorities, it ranked first in terms of how disruptive it will be to the enterprise. No doubt this concern about disruption stems from the flood of personally owned mobile devices into the workplace, whether approved by CIOs or not
Rand: American involvement in a cyber crisis is inevitable but manageable (Fierce Government IT) The United States will likely find itself in a cyber crisis owing to the fact that cybercrimes and espionage continue to rise and the risks from cyberspace are growing, according to a recently-released Rand Corporation monograph prepared for the Air Force. Crises are less likely to "emanate from the unavoidable features of cyberspace" than from "each side's fear, putatively exaggerated, of what may result from its failure to respond," the report says
Marketplace
F-35 Software: DoD's Chief Tester Not Impressed (IEEE Spectrum) Last September, U.S. Air Force Maj. Gen. Christopher Bogdan, the then incoming director of the troubled F-35 program, said that he was not optimistic that all the program's current problems—especially those related to software, which has long been a sore point (pdf)—would be fixed in time to meet the services' planned initial operational capabilities, beginning with the Marine Corps in about 2 years. The 2012 Annual Report (pdf) on major defense acquisitions, by the Department of Defense's Director of Operational Test and Evaluation, J. Michael Gilmore, isn't likely to increase Bogdan's optimism any
Navy CIO abruptly cancels IT conference scheduled for end of month (Fierce Government IT) The Navy Department chief information officer has canceled a planned information technology conference less than two weeks before it was due to start Jan. 28-30 in San Diego. Navy announced the cancelation in a posting on the DoN CIO website, stating the action was taken "in response to DoD and DoN guidance." Until this week, the plan was for the DoN CIO to host the DON IT Conference at the same time and location as the 2013 AFCEA West conference. Defense and Navy officials will continue to speak at the military association's event, the DON announcement says. Navy personnel may still go to it, it adds, provided they don't incur travel costs
After bumpy start, VA says paperless claims transition will be smooth (Fierce Government IT) The Veterans Affairs Department has begun a nationwide transition to paperless processing of disability claims at regional offices and says it has addressed previous problems and slowdowns within the system
CRGT Subsidiary to Provide EPA IT Systems Support (Govconwire) CRGT's Guident subsidiary has won five task orders to provide U.S. Environmental Protection Agency information technology systems development and migration services, Guident said Wednesday. The Herndon, Va.-based data analytics provider will also provide the agency design and other related IT support services for up to five years. "Guident has been supporting numerous offices within the
Dish bests Sprint's offer to acquire Clearwire (Fierce Mobile IT) Dish Network's bid to steal Clearwire out from under Sprint Nextel (NYSE: S) could signal the satellite TV provider's interest in partnering with the terrestrial broadband wireless provider. Dish has offered to pay $3.30 per share to acquire Clearwire, more than the $2.97 per share Sprint has offered. Dish also offered to buy spectrum from Clearwire for $2.2 billion
Intel and Facebook collaborate on future data center rack technologies (Help Net Security) Intel and Facebook aim to define the next generation of rack technologies used to power the world's largest data centers. As part of the collaboration, the companies also unveiled a mechanical prototype
Nokia Cuts 300 Jobs, Outsources Up To 820 More To HCL And Tata To 'Align IT With Its Business Focus' (TechCrunch) Here's the cloud to Nokia's silver lining statement the other day of better than expected handset sales: it is cutting 300 IT jobs, and outsourcing 820 more, with Indian outsourcing giants HCL and Tata Consultancy Services picking up the reins for the latter. The news was announced this morning by the company as it gears up to report Q1 results January 24
Behrman Capital acquires Cyber security provider Tresys Technology (Government Security News) Behrman Capital, a private equity investment firm on Jan. 9 acquired Tresys Technology, a provider of Cyber security products, services and solutions to government and commercial customers. Financial terms of the transaction weren't disclosed
Former PwC Consulting CEO Takes Reins At Anti-malware Startup TaaSERA (Dark Reading) C. Scott Hartz has joined as CEO
HP Names Former VA Healthcare COO Laura Miller a Public Sector Principal (Govconwire) Laura Miller, a former chief operating officer for the Department of Veterans Affairs' healthcare system, has joined HP Enterprise Services (NYSE: HPQ) as healthcare client principal for the U.S. public sector. The company said the 30-year public health veteran will work with clients such as the VA, the Military Health System and the Department of Health and Human Services
Vistronix Names EVP John Hassoun Corporate President (Govconwire) Vistronix has promoted John Hassoun from the executive vice president ranks to corporate president, the company said Monday. Hassoun will report to CEO Deepak Hathiramani and be responsible for the company's business units and corporate support functions. Hassoun, who joined the company in July 2012 as corporate development EVP, will also oversee the integration of
Catapult Names L-3 Vet Brian Murphy Enterprise Systems Business Development Lead (Govconwire) Catapult Technology has appointed L-3 Communications veteran Brian Murphy director of business development for the enterprise systems team, Catapult said Monday. The company said Murphy will be responsible for acquiring new business in the defense sector, identifying opportunities and leading proposal development. He will also be responsible for building relationships with team partners as part
Northrop Names 32-Year Vet Ruth Bishop Mission Assurance Sector VP (Govconwire) Northrop Grumman (NYSE: NOC) has appointed Ruth Bishop sector vice president of quality, safety and mission assurance within the technical services sector, effective Jan. 26. Bishop, a 32-year company veteran, will oversee sector-wide mission assurance and Six Sigma functions and be responsible for measuring productivity, the company said. She will also be responsible for predicting
Products, Services, and Solutions
ObjectRocket Launches Premium MongoDB Cloud Service (Dark Reading) Leverages AWS Direct Connect to provide low latency and free bandwidth to AWS customers
Five notable new features in Fedora Linux 18 'Spherical Cow' (IT World) After numerous delays along the way, the final version of Fedora Linux 18 "Spherical Cow" made its long-awaited debut on Tuesday
Survalent Technology Commissions New SCADA System Greenfield Power and Light, Indiana (SFGate) Survalent Technology, the most trusted provider of smart grid solutions for the control room, announced today that it has commissioned a new Supervisory Control and Data Acquisition (SCADA) system for Greenfield Power and Light, Indiana. Greenfield Power and Light provides electrical service to residential and commercial customers within the Greenfield city limits. They are a member of the Indiana Municipal Power Agency (IMPA) and the Indiana Municipal Electric Association (Ind MEA)
ESET NOD32 Antivirus 6 and ESET Smart Security 6 released (Help Net Security) ESET released new versions of its flagship products. Enhancements to both products include advancements in threat detection, more thorough cleaning of infected systems, and an improved user experience
Mobile Security for Android combats mobile threats (Help Net Security) Commtouch announced Mobile Security for Android, an OEM solution that offers cloud-assisted antivirus and Web security services delivered through a client SDK.
Microsoft advances the Cloud OS (Help Net Security) Microsoft announced new solutions to help enterprise customers manage hybrid cloud services and connected devices. System Center 2012 SP1, the enhanced Windows Intune, Windows Azure services for Windows Server and other new offerings deliver against the Microsoft Cloud OS vision to provide customers and partners with the platform to address their top IT challenges
BlackBerry 10 specs leak: The biggest thing to happen to BlackBerry since BlackBerry (Emirates 24/7) The (unofficial) word is out: leaked specs of the upcoming first BlackBerry 10 device – the BlackBerry Z10 all-touch-screen phone – reveal that Research in Motion (RIM) might have its fortunes reversed (they were in reverse motion for a long time) once the phone hits Dubai – and five other markets – on January 30, 2013
Librestream, Livecast top ABI enterprise video collaboration list (Fierce Mobile IT) Librestream and Livecast topped the list of vendors supplying enterprise mobile video collaboration for business operations support examined by ABI Research
Microsoft Enhances System Center For Hybrid Cloud Work (InformationWeek) With System Center's new service pack and Windows Server 2012, an IT administrator can create Hyper-V virtual machines and deploy them to internal data center, remote hosting service provider or public cloud, such as a Windows Azure site
Meet Facebook's Graph Search Tool (InformationWeek) Facebook downplays Google as competitor as it launches "internal" search tool that helps you find people, photos, places and interests inside Facebook using established privacy settings
Facebook Graph Search Makes Privacy Seem Selfish (TechCrunch) The subtle impact of Facebook Graph Search is that when you share openly, you share for the benefit of mankind. And when you don't, or share to just a few people, you're robbing the world of your knowledge, recommendations, and content. The question for each of us now is whether we prioritize our contribution or our privacy
Graph Search Just Made Me a Facebook Addict (Wired Business) Now that I'm data mining my friends via Facebook's new search engine, I suddenly want to feed the beast with my own likes and checkins
Technologies, Techniques, and Standards
Deception Is Futile When Big Brother's Lie Detector Turns Its Eyes on You (Wired Threat Level) A new high-tech lie detector system aims to put the simple polygraph out to pasture. It uses a microphone, video camera and infrared technology to detect when you're being deceptive
'Rogue clouds' giving IT staffs nightmares (IT World) Cloud computing is increasingly being adopted by companies around the world, but IT managers say "rogue cloud implementations" in which business managers sign up for services without getting IT approval is among their biggest challenges
Cloud security key to BYOD, (ISC)2 study shows (Computer Weekly) Businesses welcome bring your own device (BYOD) policies for the operational cost savings and user experience, according to the (ISC)2 2013 Global Information Security Workforce Study. At the same time, the study conducted on behalf of the (ISC)2 Foundation by the analyst firm Frost & Sullivan shows that information security managers admit companies must do more to understand the security of the technologies behind the trend, particularly cloud-based systems and applications. BYOD is a prevalent practice, according to selected results released at a press conference previewing the Infosecurity Europe 2013 conference at Earls Court in London from 23 to 25 April
Safeguarding data-filled devices requires sophisticated tools (Defense Systems) Military data security initiatives are typically defensive strategies designed to protect information at and beyond the network perimeter. Yet such efforts omit a crucial vulnerability: sensitive data at rest. Data at rest refers to any type of information stored inside a computer device, such as network servers, smart phones, tablet systems and various forms of removable storage, while excluding data that is traversing a network or temporarily residing in computer memory to be read or updated
How to keep yourself from getting cyber-stalked (New Castle News) Michael Kaiser who is the executive director of the National Cyber Security Alliance (NCSA) says cyber-stalking is nothing that consumers should take
The Underdog Operating Systems Set to Shake Up the Smartphone Scene (Technology Review) Apple's iOS and Google's Android rule the fast-growing smartphone market, but upcoming operating systems want to muscle in on their turf. The mobile operating system has become a key component of a successful computing "ecosystem." A version of Ubuntu Linux designed for smartphones could appeal to some manufacturers and carriers. The next time you go shopping for a smartphone, you might see some unfamiliar software on the screens lining store shelves
Mobile Business Intelligence: Here At Last? (InformationWeek) Tech and market conditions have finally aligned to make on-the-go BI a reality, say analysts
Intel CTO: Smart Sensors, Wearable Tech Coming Soon (InformationWeek) Touchscreen Ultrabooks might be cutting edge today, but Intel CTO Justin Rattner says it's nothing compared to the next generation of smart sensors and wearable technology just around the corner
Design and Innovation
Google's Larry Page on Why Moon Shots Matter (Wired Business) Larry Page lives by the gospel of 10x. Most companies would be happy to improve a product by 10 percent. Not the CEO and cofounder of Google. The way Page sees it, a 10 percent improvement means that you're basically
Research and Development
Technical paper: Deeper inside the Blackhole exploit kit (Naked Security) For those interested in exploit kits and how they work, Gabor Szappanos has published the second (and concluding) part of his technical paper looking at the Blackhole kit. Recommended reading for all those that want a little more detail as to how one of the most prolific and widely used crimeware kits actually works
Legislation, Policy, and Regulation
Ridiculously redacted interpretation of FISA snooping law released (Naked Security) US privacy organization EFF invites you to click on thumbnails of the summaries it managed to pry out of the government, but let's save your finger muscles the workout with this summaries summary: ------------------------------
Surveillance Strategy Is Privileged and Confidential, FBI Says (Wired) The President Barack Obama administration's surveillance strategy in the wake of the Supreme Court's decision that the installation of a GPS tracker on a vehicle amounted to a search under the Fourth Amendment remains privileged and confidential, the Justice Department claims in newly released memos. What has been made public is that, following the high court's Jan. 23 decision, the Federal Bureau of Investigation pulled the plug on some 3,000 GPS trackers. The bureau's general counsel, Andrew Weissmann, acknowledged that fact while speaking at a legal symposium at the University of San Francisco last year
German government's surveillance software unsettles a nation that prizes privacy (Quartz) Germans take their privacy seriously and have coined a term—glaeserner Buerger, or "the glass citizen"—to describe a dystopic future in which Germans are surveilled around the clock. The news that the Bundeskriminalamt (BKA), Germany's version of the FBI, is testing software by a controversial surveillance firm is sure to raise the glass citizen image yet again
'Aaron's Law' would partly de-fang Computer Fraud and Abuse Act (Naked Security) Rep. Zoe Lofgren on Tuesday night proposed legislation that would dial back the ferocity of the charges that were used against internet activist Aaron Swartz, who died last week
I support 'Aaron's Law' -- for now (CSO) Congresswoman Zoe Lofgren proposes an amendment to the computer fraud law in honor of Aaron Swartz. I support it, though not unconditionally
It's cyber war…send for Dad's Army (Telegraph) A new Home Guard is being recruited to defend the nation's computer networks. There is a classic Dad's Army scene where Captain Mainwaring and his troops are marching down a country road and come across two stranded nuns. "Look at those poor nuns, sir. Their car has broken down," comes a voice from the front
Litigation, Investigation, and Law Enforcement
U.S. Attorney Carmen Ortiz Issues Statement About Her Office's Handling Of Case Against Aaron Swartz (TechCrunch) After accusations of overzealous prosecution and a whitehouse.gov petition with nearly 40,000 signatures calling for her removal, U.S. Attorney Carmen Ortiz has issued a statement about the suicide of Aaron Swartz. In it, Ortiz defended her office's handling of the case, saying its conduct was "appropriate" and that it would not have sought a decades-long prison sentence
US rebuffed in effort to get copies of Canadian Megaupload servers (Ars Technica) An Ontario judge has refused a US request for unfettered access to the data on Megaupload servers hosted in Canada. The ruling is another sign that overseas courts are not giving US officials the degree of deference they've grown accustomed to in this case under US law. Megaupload once had servers around the world, but they were shut down in a coordinated raid on January 19, 2012
Garda member to lead operations at new EU cybercrime centre (Silicon Republic) A detective inspector with An Garda Síochána has been appointed head of operations for Europol's newly established European Cyber Crime Centre in The Hague. Det Insp Paul Gillen is currently head of the Computer Crime Investigation Unit at the Garda Bureau of Fraud Investigation. He will take extended leave without pay from the Garda in order to take up his five-year contract, starting in February
Manning Accusers Must Prove Intent To Aid Enemy (Washington Post) A military judge ruled Wednesday that prosecutors will have to prove that Army Pfc. Bradley Manning knew he was providing information to the enemy when he disclosed hundreds of thousands of cables to WikiLeaks, the anti-secrecy group
For a complete running list of events, please visit the Event Tracker.
Upcoming Events
Cybergamut Technical Tuesday: Finding Splunk Before Splunk Finds You (Columbia, Maryland, USA, Jan 22, 2013) Rob Frazier of Whiteboard Federal Technologies will present his talk "Finding Splunk Before Splunk Finds You". Certification letters will be available for PMI PMP PDUs and CISSP CPEs as well as other technical credits as appropriate. The live event will be in Columbia, MD, and there will be a cybergamut node established in Omaha, Nebraska for this event.
TED X Baltimore: Baltimore Rewired (Baltimore, Maryland, USA, Jan 25, 2013) At our TEDxBaltimore event, TEDTalks video and live speakers will combine to spark deep discussion and connection in a small group. The TED Conference provides general guidance for the TEDx program, but individual TEDx events, including ours, are self-organized.
Data Privacy Day (Various locations, Jan 28, 2013) The National Cyber Security Alliance (NCSA), a non-profit public-private partnership focused on helping all digital citizens stay safer and more secure online, and official coordinator of Data Privacy Day (DPD), is collaborating with many educational institutions, corporations, government and non-profit organizations across the world to make Data Privacy Day on January 28th a success. Data Privacy Day is an international day of awareness to educate everyone to respect privacy and safeguard personal information.
tmforum Big Data Analytics Summit (Amsterdam, Netherlands, Jan 29 - 30, 2012) Bringing together leading service providers, market analysts and all of the big names in Big Data, this forward-looking, education-packed two-day Summit combines keynote perspectives, case studies, debates, panels, interactive sessions and networking opportunities that maximize every participant's opportunity to network and generate ideas that can be implemented immediately.
North American ICS & SCADA Summit (Lake Buena Vista, Florida, USA, Feb 6 - 15, 2013) The Summit brings together the program managers, control systems engineers, IT security professionals and critical infrastructure protection specialists from asset owning and operating organizations along with control systems and security vendors who have innovative solutions for improving security. Along with government and research leaders, they are coming together to learn and discuss the newest and most challenging cyber security risks to control systems and the most effective defenses.
ATMiA US Conference 2013 (Scottsdale, Arizona, US, Feb 19 - 21, 2013) A conference devoted to the design of ATMs, and the future of the ATM industry.
Cybergamut Technical Tuesday: Cloud Security (, Jan 1, 1970) Dr. Susie Cole of Exceptional Software Strategies will discuss cloud security.
#BSidesBOS (Cambridge, Massachusetts, USA, Feb 23, 2013) Each BSides is a community-driven framework for building events for and by information security community members. The goal is to expand the spectrum of conversation beyond the traditional confines of space and time. It creates opportunities for individuals to both present and participate in an intimate atmosphere that encourages collaboration. It is an intense event with discussions, demos, and interaction from participants. It is where conversations for the next-big-thing are happening.
RSA USA 2013 (San Francisco, California, USA, Feb 25 - Mar 1, 2013) RSA Conference continually evolves program offerings to meet the ever-changing needs of our delegates in the dynamic infosec industry.
Nullcon Goa 2013 (Bogmallo Beach Resort, Goa, India, Feb 26 - Mar 2, 2013) An international information security conference that will feature speakers and training. Topics include security and politics, vulnerability elimination, Android hacking, SCADA and smart grid penetration testing, and more.
TechMentor Orlando 2013 (Orlando, Florida, USA, Mar 4 - 8, 2013) Celebrating 15 years of educational events for the IT community, TechMentor is returning to Orlando, Florida, March 4-8, for 5 days of information-packed sessions and workshops. Surrounded by your fellow IT professionals, you will receive immediately usable education that will keep you relevant in the workforce. TechMentor track topics include: Windows PowerShell and Automation; Cisco and Networking Infrastructure; Windows Server Management; Windows Client Management; Cloud and Virtualization; Identity, Access Management and Security; Performance Tuning and Troubleshooting; Mobility and BYOD; Messaging and Collaboration.
Business Insurance Risk Management Summit (New York City, New York, USA, Mar 5 - 6, 2013) The annual Risk Management Summit, now in its fourth year, provides attendees with focused insight via specific, timely general sessions and strategic, thought-provoking discussions with peers and industry leaders.
e-Crime Congress 2013 (London, England, Mar 12 - 13, 2013) The e-Crime Congress is designed to meet the needs of key stakeholders and decision makers who are responsible for designing and coordinating information security and risk management strategy, safeguarding digital assets and sensitive information, protecting customers, defending against internal or external threats and responding to incidents.
CTIN Digital Forensics Conference (Seattle, Washington, USA, Mar 13 - 15, 2013) Speakers include experts and published authors in the field of digital forensics and cybersecurity. Topics include: Mobile Device Forensics, Internet Forensics, Physical Memory Analysis, Open Source Tools, Data Carving, Registry Forensics, Placing the Suspect Behind the Keyboard, Triage and Live Forensics CDs, and more.
IT Security Entrepreneurs' Forum (ITSEF 2013) (Palo Alto, California, USA, Mar 19 - 20, 2013) Supported by the U.S. Department of Homeland Security, Office of Science and Technology, ITSEF 2013 aims to connect the ecosystem of the entrepreneur: industry, government, and academia. The conference will advance innovation, lead change and build trusted global collaboration models between the public and private sectors to defeat Cybersecurity threats.
The Future of Cyber Security 2013 (London, England, UK, Mar 21, 2013) Cyber Security and the Citizen 2013 is a one-day conference and exhibition for senior decision-makers of central and local government organisations, NGOs and major private sector enterprises.
Cloud Connect Silicon Valley (Santa Clara, California, USA, Apr 2 - 5, 2013) Cloud Connect returns to Silicon Valley, April 2-5, 2013, for four days of lectures, panels, tutorials and roundtable discussions on a comprehensive selection of cloud topics taught by leading industry experts.
An Evening in Cyberspace: Supporting Tomorrow's Cybersecurity Leaders (National Harbor, Maryland, USA, Apr 6, 2013) UMUC is pleased to present An Evening in Cyberspace: Supporting Tomorrow's Cybersecurity Leaders. Join us for this special black-tie event to support the next generation of cybersecurity students. The evening will feature a reception, dinner, keynote and entertainment.
Cyber 1.3 (, Jan 1, 1970) Maj. Gen. Suzanne Vautrinot, USAF, commander, 24th Air Force, and commander, Air Force Network Operations, will discuss the global strategic implications that relate to the cyber domain at the Space Foundation national conference Cyber 1.3, to be held Monday, April 8th, at The Broadmoor Hotel in Colorado Springs, Colorado. Cyber 1.3 is a full-day conference that takes place immediately before the official opening of the 29th National Space Symposium. The conference includes a networking breakfast, a luncheon and concludes with a networking reception, co-sponsored by General Dynamics Advanced Information Systems. Government Executive Media Group is a Cyber 1.3 media co-sponsor.
INFILTRATE 2013 (Miami, Florida, USA, Apr 11 - 12, 2013) INFILTRATE is a deep technical conference that focuses entirely on offensive security issues. Researchers focused on the latest technical issues will demonstrate techniques that you cannot find elsewhere.
InfoSec World Conference & Expo 2013 (Orlando, Florida, USA, Apr 15 - 17, 2013) With the primary objective of providing top-notch education to all levels of information security and IT auditing professionals, InfoSec World delivers practical sessions that give you the tools to strengthen your security without restricting your business.
Infosec Southwest 2013 (Austin, Texas, USA, Apr 19 - 21, 2013) InfoSec Southwest is intended to be a general security and hacking conference with no specific industry or topical focus. As such, nearly all topics (other than vendor pitches) are fair game and the attending audience is expected to span all demographics.
25th Annual FIRST Conference (Bangkok, Thailand, Jun 16 - 21, 2013) The annual FIRST conference provides a setting for conference participants to attend a wide range of presentations delivered by leading experts in both the CSIRT field and from the global security community.
SECRYPT 2013 (Reykjavik, Iceland, Jul 29 - 31, 2013) The 10th International Conference on Security and Cryptography (SECRYPT 2013) will take place from 29 to 31 July 2013 in Reykjavik, Iceland…The conference will focus on information systems and network security, including applications within the scope of knowledge society in general and information systems development in particular, especially in the context of e-business, internet and global enterprises. It will bring together researchers, mathematicians, engineers and practitioners interested in security aspects related to information and communication.