The CyberWire Daily Briefing for 1.18.2013
Ars Technica calls Red October an espionage "Swiss Army knife," and Kaspersky discussed details of the campaign's more than 1,000 malware modules. Romanian intelligence services think Red October was used principally to steal information on state policy.
General William Shelton, US Air Force Space Command head, describes Iranian cyber capabilities as a "force to be reckoned with," and attributes Iran's new proficiency to its response to Stuxnet. Cyber warfare appears to be escalating in the Korean peninsula as well. Anonymous announces support for the Zapatistas, and subjects Mexico's Defense Department to a denial-of-service attack.
Several new online threats circulate, affecting users of Skype, the US Electronic Federal Tax Payment System, Apple SMS, OkCupid, and Red Cross sites. Physical loss of poorly secured devices continues to raise problems for the health care sector. Goold Health Systems and the Washington University School of Medicine in St. Louis are recent victims.
HP considers selling Autonomy and HP's EDS unit. TeaMp0isoN hacktivist celebrity Junaid Hussain, a.k.a. TriCk, is out of prison and says he's going straight, offering white hat hacking services. Packet Storm offers bug hunters $7000 bounties for zero-days.
Infosec Island asks a good question: how well do organizations secure the personal information of unsuccessful job applicants?
Boeing's Dreamliner isn't a cyber story, but it's an interesting case study in the consequences aggressive outsourcing has for quality control.
Statisticians find ways of identifying anonymous medical information. The US Army is researching ways of attacking air-gapped SCADA systems.
Aaron Swartz's suicide continues to prompt reassessment of cyber legislation and prosecutorial discretion.
Notes.
Today's issue includes events affecting Afghanistan, Australia, Bahrain, Canada, China, European Union, Germany, India, Indonesia, Iraq, Iran, Italy, Kenya, Kuwait, Lebanon, Malaysia, Mexico, Nigeria, North Korea, Qatar, Romania, Russia, Saudi Arabia, South Korea, Singapore, Spain, Thailand, Turkey, Venezuela, United Arab Emirates, United Kingdom, and United States.
Cyber Attacks, Threats, and Vulnerabilities
Why Red October malware is the Swiss Army knife of espionage (Ars Technica) The Red October malware that infected hundreds of computer networks in diplomatic, governmental, and scientific research organizations around the world was one of the most advanced espionage platforms ever discovered, researchers with antivirus provider Kaspersky Lab have concluded. Its operators had more than 1,000 modules at their disposal, allowing them to craft highly advanced infections that were tailored to the unique configurations of infected machines and the profiles of those who used them
Inside the 1,000 Red October Cyberespionage Malware Modules (Threatpost) The Red October espionage malware campaign is providing security researchers with a deep dive into the complexity of targeted attacks, which in this case made use of more than 1,000 malware modules for everything from reconnaissance on targets to exfiltration of data to command and control servers
Costin Raiu on the Red October Cyberespionage Campaign (Threatpost) Dennis Fisher talks with Costin Raiu and Ryan Naraine about the newly uncovered Red October cyberespionage campaign that has targeted embassies, diplomats, research facilities and military targets for more than five years now. Raiu explains the origins of the campaign, where the attackers likely are located, the complexity and scale of the malware tools involved and what other components might be lurking undiscovered out there
Aggressor of cyber attack christened 'Red October' seeks to exfiltrate data on state policy (ACT Media) The impact of the cyber attack christened 'Red October' is determined both by the fact that the aggressor 'aims at exfiltrating data/documents on state policy and decisions taken at the level of some institutions, and that, by stealing access and authentication passwords, the aggressor could get access to other computer systems', Romanian Intelligence Service (SRI) spokesman Sorin Sava said
Iran beefed up cyber capabilities after 2010 Stuxnet attack: US general (Press TV) A senior US Air Force official says Iran has beefed up its cyber capabilities in reaction to a 2010 cyber attack with the Stuxnet computer virus on its nuclear facility, stressing it will be a "force to be reckoned with" in the future. "The Iranian
Large-scale DDoS attacks grow bigger and more diversified (Help Net Security) In addition to increasing attack sizes, attack volume grew in Q4 2012 and reached the highest number of attacks Prolexic has logged for one quarter, according to Prolexic. Traditional Layer 3 and
Cyber warfare between Koreas, a warning for any cyber power (Security Affairs) Earlier this month the news spread that South Korea is investing in improving the country's cyber capabilities, recruiting and training hackers for cyber defense in response to the increasing number of attacks it suffers. A recent cyber attack hit the presidential transition team, in particular the press room server, but the real extent of the damage caused by the event was not determined, according to the Yonhap News Agency. The authorities identified the servers used by the attackers: 17 were located in 10 foreign countries and 2 were found within the country
Anonymous launches attack on Mexico's Defense Department (CNet) Announcing its support of the Zapatista National Liberation Army, the hacking collective hits the government's defense Web site with a DDoS shutdown. Anonymous has set its sights on Mexico's Department of Defense. The group's Mexican legion has claimed responsibility for waging a distributed-denial-of-service attack on the government site, rendering it inoperable for several hours yesterday, according to the Associated Press
New Version of Shylock Malware Spreading Through Skype (Threatpost) There is a new version of the Shylock malware that is now capable of spreading through Skype. The new version is spreading mainly in the U.K., Europe and the U.S. and is playing off the fact that Microsoft is about to kill its Messenger application in favor of Skype
Bogus 'Payroll Declined' emails deliver malware (Help Net Security) A malicious email campaign impersonating the Electronic Federal Tax Payment System (EFTPS) - a service offered by the U.S. Department of the Treasury that allows taxpayers to make tax payments either
SMS spam threat targets Apple fans (Help Net Security) AdaptiveMobile today sheds light on the extent of a new global SMS spam threat. According to Ongoing Threat Analysis (OTA) which examines mobile security threats from around the world, consumers should
Phishing attack attempts to steal Google passwords via Red Cross website (Naked Security) Phishing for Google passwords: "Please log into Google Docs, and then you'll be able to read my message." "I've provided a handy link"
OKCupid app, Crazy Blind Date, peeks into your privates (Naked Security) A bug in OKCupid's recently released Crazy Blind Date application allowed complete strangers to paw at users' data
War of words continues over Cisco Linksys router access exploit (Naked Security) Stories of a vulnerability in Cisco Linksys consumer routers have been circulating in the past week. The stories have now turned into a low-key war of words
Malware attack! 'You have received a secure message' (Naked Security) SophosLabs is intercepting a widespread malware attack, spammed out via email, posing as a secure message
'Terrific Employee' Fired After Losing USB Drive Containing Medical Records (Threatpost) A Maine-based company announced Thursday it fired an otherwise exemplary employee who downloaded medical data onto a jump drive and then lost the device while traveling between Salt Lake City, Denver and Washington, D.C. The unidentified woman's termination follows yesterday's disclosure of a data breach affecting 6,000 Medicaid recipients in Utah. "She was a terrific employee who made a mistake, a pharmacist who oversees the entire Utah account," said Jim Clair, CEO of Goold Health Systems. Clair told The Salt Lake Tribune the contractor had difficulty downloading a patient report and decided to use the portable device, which is against the company's and the Utah Health Department's policies. She lost the device sometime last week
Washington University School of Medicine Acknowledges Security Breach (eSecurity Planet) The Washington University School of Medicine in St. Louis recently announced that a physician's laptop was stolen at a conference in Argentina on November 28, 2012. The laptop, which was password-protected but not encrypted, contained information on approximately 1,100 patients, including patients' names, dates of birth, medical record numbers, diagnoses, and types and dates of surgery. Social Security numbers were also included for 39 of the patients
Many Fed smartphones have zero password protection (Help Net Security) A new report showcases increased security risks with mobile device usage within Federal government as adoption of smartphones and other mobile devices becomes more widespread. Sponsored by EMC, VMware
Important SCADA systems secured using weak logins, researchers find (CSO) Thousands of critical SCADA systems reachable from the Internet are secured by dangerously weak default passwords, a survey carried out with the help of the US Department of Homeland Security has found. According to a third-party report, Bob Radvanovsky and Jacob Brodsky of consultancy InfraCritical used scripts run through the Shodan search engine - 'Google for hackers' - to identify 7,200 vulnerable logins
Spear-Phishing Experiment Targets, Hooks Energy Firms (Dark Reading) More than one-fourth of utility employees in experiment fell victim to spearphishing emails. Spear-phishing is everywhere in targeted attacks today -- even in the SCADA/industrial control systems (ICS) world. A recent experiment involving two real-world utilities showed just how successful those types of campaigns can be: Twenty-six percent of utility employees clicked on a link in the phony emails
Facebook scams and why users fall for them (Help Net Security) The two main reasons why scammers are grateful for Facebook's existence are the fact that they can easily access a great number of people in a short period of time, and the fact that victims often end
Planet Blue Coat: Mapping Global Censorship and Surveillance Tools (Citizenlab) Blue Coat Devices capable of filtering, censorship, and surveillance are being used around the world. During several weeks of scanning and validation that ended in January 2013, we uncovered 61 Blue Coat ProxySG devices and 316 Blue Coat PacketShaper appliances, devices with specific functionality permitting filtering, censorship, and surveillance. 61 of these Blue Coat appliances are on public or government networks in countries with a history of concerns over human rights, surveillance, and censorship (11 ProxySG and 50 PacketShaper appliances). We found these appliances in the following locations: Blue Coat ProxySG: Egypt, Kuwait, Qatar, Saudi Arabia, the UAE. PacketShaper: Afghanistan, Bahrain, China, India, Indonesia, Iraq, Kenya, Kuwait, Lebanon, Malaysia, Nigeria, Qatar, Russia, Saudi Arabia, South Korea, Singapore, Thailand, Turkey, and Venezuela
Security Patches, Mitigations, and Software Updates
Java 7u11 Update Addresses Only One of Two Zero-Day Vulnerabilities (Threatpost) Microsoft can take some solace that it is not alone in sending out security updates that don't fully address a zero-day vulnerability. A researcher at Immunity Inc., put Oracle on a similar hot seat this week when he reported that a recent out-of-band
Cyber Trends
Security vendors failing to tackle mobile malware, say CISOs (NetworkWorld) Malware is still the biggest threat to mobile security, but most mobile device management (MDM) strategies tend to focus on securing the physical device in case of loss or theft, rather than protecting from cyber threats, according to Peter Gibbons, head of Information Security at Network Rail. Speaking at the Infosecurity Europe 2013 press conference in London this week, Gibbons said that although mobile malware still only represents a tiny fraction of the total amount of malware in the world today, it is growing exponentially. Sooner or later someone is going to get it right and find a vulnerability in iOS or Android or Windows 8 - whatever it happens to be - and they're going to cause a significant loss of data through injected malware
What Would A Cyber Attack On A Major City Look Like? (Risk WatchDog) Let us imagine for scenario's sake that a cyber attack shut down the electricity grid of a major city in a major economy. This would create immediate problems, as people would lose the use of lighting and power in the first instance, and with it
What to expect in the world of IT in 2013 (Computer World) [Registration required.] The economic recovery is moving at an unsteady pace, but the emphasis on cost-cutting that dominated IT agendas in recent years is sharing the spotlight with a more interesting imperative: innovation
Marketplace
Republicans Were Right: The Pentagon Should Have Sketched Out Budget Cuts (National Journal) The Pentagon would do well to take Republicans' advice: Determine, quickly, how many civilians would need to be furloughed and alert them. Inform industry about specific cutbacks so that they too can issue warnings about layoffs. Allowing the workers and contractors to panic is the last ammunition the Pentagon has to get Congress to compromise or change the law
Army upgrades security, home use with joint enterprise license (The Fort Campbell Courier) The Army must complete information assurance certification and accreditation, and Office 2013 must go through the standard Army Gold Master build process
Verizon's ICSA Labs Authorized by HHS to Certify Electronic Health Records (Executive Biz) A Verizon independent division, ICSA Labs, has been officially authorized by the Department of Health and Human Services to certify electronic health records, the company has announced. "Now that we are fully authorized and accredited to certify and test technology meeting the permanent Meaningful Use requirements, we are officially open for business," said Amit Trivedi, ICSA Labs health care program manager
Topological data analysis drives startup Ayasdi (Fierce Big Data) It took a couple of years to commercialize his topological data analysis technology and get funding, but Gunnar Carlsson launched his Palo Alto, Calif.-based startup Ayasdi yesterday with the promise of unlocking hidden patterns in vast amounts of data without the need to run queries
Will HP Sell Autonomy, EDS? (InformationWeek) HP has suitors for its troubled Autonomy and Enterprise Services units, WSJ reports. Autonomy sale would be easier for HP than selling EDS assets
Jade splits software and security units (CSO) Jade Software's chief operating officer promoted to managing director, previous MD takes over security business Wynyard Group
Intel continues to miss out on the post-PC revolution, but here comes its belated effort to save itself (Quartz) In October, I wrote about the seven reasons Intel could be the next RIM, the beleaguered maker of the Blackberry smartphone. Judging by the amount of traffic that post got from behind Intel's own walled corporate intranet, it was a post many at Intel itself took seriously
Northrop Names Steve Hogan Logistics, Modernization Lead (Govconwire) Northrop Grumman (NYSE: NOC) has appointed Steve Hogan sector vice president and general manager of the integrated logistics and modernization division in the technical services sector, effective Jan. 26. The company said he will lead the division's three business units that focus on global logistics and modernization, systems logistics and modernization and operationally-responsive systems
Raytheon CIO Rebecca Rhoads to Lead New Shared Services Org (Govconwire) Raytheon (NYSE: RTN) has appointed Rebecca Rhoads, vice president and chief information officer, to lead a new organization responsible for deploying enterprise shared services across the company. The company said Rhoads will continue serving in her current roles along with leading the new global business services group. William Swanson, chairman and CEO, said Rhoads has
Exelis Names TASC, Northrop Vet Pamela Drew Info Systems Lead (Govconwire) ITT Exelis (NYSE: XLS) has appointed Dr. Pamela Drew president of the information systems business area, effective March 31. The company said she will succeed the retiring Mike Wilson and lead an area focused on system development, networking and radio frequency communications. Drew's team will be responsible for developing products in defense and intelligence systems
New task for CIOs: Make money (Computer World) [Registration required.] Sure, all CIOs seek to add value, but some are taking their quest outside the walls of the enterprise by targeting customers directly. CIO James Quinn was thinking more about customers than cash when he gave his IT team a task. His challenge to them: Find ways to deepen the level of engagement between PHI, a Lafayette, La. provider of helicopter services, and its customers, which include some of the world's biggest energy companies needing transport to oil rigs in the Gulf of Mexico
TeaMp0isoN's TriCk Is Back, Launches Platform to Help Hackers Test Their Skills Legally (Softpedia) TriCk, or Junaid Hussain, the leader of the notorious TeaMp0isoN hacktivist group, has been released from jail and he's back on the hacking scene. However, this time he seems determined to take the white path. In an interview we've had with him, the expert revealed that getting caught has made him see things differently
Did ZDI snub your 0-day attack? Packet Storm will buy it for $7k (The Register) Long-running computer security website Packet Storm has launched a bug bounty scheme to reward folks who find and report holes in software. Details of qualifying flaws will eventually be publicly disclosed. Under the new scheme, contributors will be typically paid anywhere between a few hundred dollars and $7,000 for exploits that enable miscreants to execute arbitrary code on vulnerable systems
Products, Services, and Solutions
SCADA Hackers Go On Defense (Dark Reading) ReVuln building SCADA 'shield,' and rolls out SCADA custom-patch service for its customers. One of the most prolific SCADA bug-finding research teams is building a prototype defensive technique for protecting industrial control systems they are best known for hacking
Password cracking and team testing with CORE Impact Pro (Help Net Security) CORE Security released CORE Impact Pro 2013, the latest version of its vulnerability assessment and penetration testing software, that allows organizations to proactively test IT infrastructure
ThreatTrack 2.0 plugs malware holes in real-time (Help Net Security) GFI Software launched GFI ThreatTrack 2.0, the latest version of the security intelligence solution that provides users with visibility into the threat landscape. It produces a range of data streams
Microsoft AVs not good enough, says AV-Test (Help Net Security) AV-Test, the well-known independent organization that tests security software for home and corporate users, has released the results of the latest testing - and it's bad news for Microsoft
ObjectRocket launches MongoDB cloud service (Help Net Security) ObjectRocket launched its fast and scalable MongoDB database-as-a-service (DBaaS). The platform is specifically architected to provide a fast and predictable MongoDB environment
Cloud Security Alliance Recommends the Cloud Security Readiness Tool (Virtual-Strategy Magazine) The Cloud Security Alliance (CSA) recommends the Cloud Security Readiness Tool (CSRT), a free tool from Microsoft designed to help organizations review and
Fusion-io Pushes Data Centers Toward Flash Storage (InformationWeek) Fusion-io believes ioScale will help large Web companies shift to all-flash data centers
Facebook Open Compute Project Shapes Big Data Hardware (InformationWeek) Big data practitioners like Facebook, Goldman Sachs and Fidelity are setting the standards for cheaper, more efficient servers and systems from the likes of Applied Micro, AMD, Dell and Intel
Technologies, Techniques, and Standards
Securing File Sharing Without Losing Productivity Gains (Dark Reading) Workers need file-sharing services to do their job; smart businesses should secure the data without making employees pay in lost productivity
Brand Statements Tell Your InfoSec Story (Infosec Island) Listening to bad brand statements is like sitting through a bad movie or comedy skit. Well, not quite, since you can leave the theater in those cases without feeling too guilty. Yes, I am among those who stand politely as a vendor tries to sell me something without bothering to determine what I actually care about
Privacy Scares from the Ghosts of Job Applicants Past (Infosec Island) There is a topic that has been coming up, over and over and over again over the past 12 years, that I've never seen addressed in other publications. What does your organization do with all the personal information you collect from job applicants? Consider a real situation I encountered around ten years ago
What's wrong with this picture? The NEW clean desk test (CSO) This workspace contains ten security mistakes. Can you spot the errors that put confidential information at risk? What do you notice about this workspace? Most desks hold sensitive documents and information that you don't want to get into the wrong hands. A little care and a few good habits can go a long way toward keeping everything secure
Embracing BYOD means understanding cloud and application security (Help Net Security) Company policies supporting Bring Your Own Device are being widely embraced as a win-win initiative that improves employees' experience and reduces IT costs, according to Frost & Sullivan. At the same
Bank of America CIO Says Simplification and Risk Reduction Are Keys to IT Success (CIO) Bank of America's Catherine Bessant talks about the advantages, and challenges, of being a non-technologist leading IT. She looks at the lessons she's learned from navigating the company's super-sized acquisitions. Bessant also talks about her team's bold plan to simplify dramatically the IT environment while reducing risk through design, aggressive training and more
The challenges of disaster recovery as a service (InfoWorld) Backing up your data and running your systems in the cloud is attractive -- but likely to fail if you don't treat it like a physical warm-site backup. By now, just about everyone is familiar with cloud-based backup services. Whether you're using simple file-based software tools or more complex image-based appliances, these services ship your data into secure cloud storage where it can be accessed at a moment's notice
Disaster recovery: Don't forget mobile (Computer World) [Registration required.] As the mobile workforce continues to grow, IT execs must remember an important new piece of their disaster recovery plans: mobile devices. SAP had two priorities when the earthquake and tsunami hit Japan in 2011: Contact its 1,000 employees there and ascertain their needs. Given the sheer scope of the devastation, and the subsequent nuclear crisis, the task would seem herculean. But SAP leaders quickly connected with their Japan-based workers, most of whom had mobile devices, either company-issued or their own
Design and Innovation
The Mind Of Google: Why Larry Page Argues That Thinking About Competition Is Silly (TechCrunch) "I worry that something has gone seriously wrong with the way we run companies," warns Google's CEO, Larry Page, about companies who focus on the competition. "How exciting is it to come to work if the best you can do is trounce some other company that does roughly the same thing? That's why most companies decay slowly over time." Page's fascinating interview
The outsourcing debate behind the Dreamliner debacle—and the memo Boeing execs should have read (Quartz) With governments around the world grounding Boeing 787 Dreamliners following a series of embarrassing and costly safety issues, the search for responsibility is on. One potential culprit? The already controversial outsourcing of its manufacturing, including the Japanese-made lithium-ion battery that has attracted the most public attention
Research and Development
We Must Choose Privacy Or Medical Breakthroughs: Statisticians ID Anonymous Study Participants (TechCrunch) Researchers who leverage public data for life-changing medical breakthroughs have long promised that donors can remain anonymous. The truth is, we're going to have to choose between innovation and privacy, as clever statisticians are discovering ways to identify individuals who never actually reveal their names
Army Looking for Ways to Infiltrate Air-Gapped Systems (Threatpost) Every time a story emerges up about malware popping up on an industrial control system or someone remotely hacking into some piece of critical infrastructure, there is a reliable and justifiable chorus of experts wagging their fingers and asking, "Why in the world was that system connected to the Internet in the first place?" At this point, pretty much everyone agrees that sensitive control systems should be air-gapped, or completely disconnected from the Internet. In this way, physical, human interaction should be the only way to access such systems, which is a considerable problem for those in the business of conducting cyberwarfare
What WWI fighter pilots can tell us about internet fame (Quartz) In a world where silly blog gimmicks* can make their way into the spotlight, and a wholly unremarkable girl from New Jersey can become a household name (at least in America), it often seems like fame has nil to do with merit. But obviously, this isn't always the case. The most famous basketball players are generally the highest scoring, and the best known scientists are generally the ones who've made the biggest contributions (or at least stolen some of the credit). In a recent study, two engineers from the University of California, Los Angeles attempted to quantify exactly what bearing personal achievement has on fame
Academia
Study: Learning Spanish With Duolingo Can Be More Effective Than College Classes Or Rosetta Stone (TechCrunch) Education is quickly moving online, but we haven't seen all that many studies that actually look into the effectiveness of these new forms of online learning. To see how its program performed, the language learning service Duolingo, founded by CAPTCHA inventor Luis von Ahn, commissioned a study (PDF)into the effectiveness of its program. The result, which even surprised von Ahn: it only takes a
Cybersecurity to be tertiary-level subject in India (ZDNet) Cybersecurity is set to be introduced as a subject in Indian universities and technical colleges, following recommendations made by the government task force. According to Times of India's report Thursday, the University Grants Commission (UGC) has written to all the vice chancellors in these institutions requesting them to introduce the subject of cybersecurity in the curriculum at both undergraduate and post-graduate levels. The UGC reviewed India's national security system and presented its report on May 31, 2012
Report: 'Connected learning' needed to address inequities in education (Fierce Government IT) There is a disconnect between classroom learning and the everyday lives and interests of many young people, alienating them from their schooling, according to a report from the Connected Learning Research Network. The 99-page report, authored by nine researchers and scholars, touts "connected learning" as an approach to addressing inequity in education by leveraging the potential of digital media to expand access to learning
Is 2013 Year Of The MOOC? (InformationWeek) Massive open online courses are forcing institutions to consider how to offer course credit and verify student identities
Legislation, Policy, and Regulation
Canada follows Australia in ditching UNSW ethical hacking report (SC Magazine) The Canadian Government has followed the Australian Government in side-stepping a report by a NSW University researcher that called for hacktivism to be regulated. Alana Maurushat from the University of NSW's law faculty argued in the report that ethical hacking should receive exemptions under law. She told SC in 2011 after she said the Australian Government rejected the report that current law left ethical hackers hanging
Europe considers a requirement to report data breaches (Sydney Morning Herald) To combat a rise in online crime, the European Commission is considering requiring companies that store data on the internet such as Microsoft, Apple, Google and IBM to report the loss or theft of personal information in the European Union or risk sanctions. The proposal, which is being drafted by Neelie Kroes, the European commissioner for the digital agenda, seeks to impose, for the first time, universal reporting requirements on companies that run large databases, those used for internet searches, social networks, e-commerce or cloud services. The proposed directive would supplant a patchwork of national laws in Europe that have made reporting mandatory in Germany and Spain but voluntary in Britain and Italy
Blue Button set for improvements (Fierce Government IT) Federal health information technology officials highlighted Jan. 16 efforts to give patients the ability to download personal health record data via the Blue Button initiative
Constitutional amendment protecting the right to bear data (Fierce Big Data) President Barack Obama signed 23 executive orders yesterday as an opening salvo for a more comprehensive approach to addressing America's appalling acceptance of death and violence over public safety and common sense--a result of adhering to the outdated language of the Second Amendment to the United States Constitution, which has been rendered inadequate for the times and technology as they have evolved. Seven of those orders can benefit from the advancing capabilities of big data
Hacking Law Critics Demand Change After Swartz Suicide (InformationWeek) Proposed legislation seeks to end felony charges related to 'unauthorized access,' but legal experts say bigger fixes are needed
New Congress seen shunning SOPA (Computer World) [Registration required.] Backers fear a new bill like the Stop Online Piracy Act would elicit a repeat of last year's massive online protests. As a new U.S. Congress begins work this month, few insiders expect that there will be a rush to create new versions of the controversial Stop Online Piracy Act (SOPA) or the Protect IP Act (PIPA)
Litigation, Investigation, and Law Enforcement
Cryptome escapes Thales' attack dogs in bank security row (The Register) Defence giant Thales has withdrawn its demand for the removal of banking security documents from whistle-blowing website Cryptome. The global corporation filed a DMCA* takedown notice last week citing copyright infringement: two of its manuals for cryptographic equipment have been available from Cryptome since 2003. Ross Anderson, a professor in security engineering at the University of Cambridge Computer Laboratory, fired a broadside at Thales earlier this week arguing that the action amounted to attempted censorship
The death of Aaron Swartz is the failure of brinksmanship—and prosecution of real computer crimes (Quartz) Reality is what refuses to go away when you stop believing in it. The reality—the ground truth—is that Aaron Swartz is dead. Now what? Brinksmanship is a terrible game, that all too many systems evolve towards. The suicide of Aaron Swartz is an awful outcome, an unfair outcome, a radically out of proportion outcome. As in all negotiations to the brink, it represents a scenario in which all parties lose
The Criminal Charges Against Aaron Swartz (Prosecutorial Discretion) (Volokh Conspiracy) This is the second in a series of posts on the Aaron Swartz prosecution. In my first post, I analyzed whether the charges that were brought against Swartz were justified as a matter of law. In this post, I consider whether the prosecutors in the case properly exercised their discretion. As some readers may know, prosecutors generally have the discretion to decline to prosecute a case; once they charge a case, they have the discretion to offer or not offer a plea deal; and once they offer the plea deal, they have some discretion to set the terms of the offer that they will accept. This post considers whether the prosecutors abused that discretion. To provide some attempted answers, I'm going to break down the question into four different issues: First, was any criminal punishment appropriate in the case? Second, if so, how much criminal punishment was appropriate? Third, who is to blame if the punishment was excessive and the government's tactics were overzealous? And fourth, does the Swartz case show the need to amend the Computer Fraud and Abuse Act, and if so, how
McAfee's Escape From Belize Turns Movie (InformationWeek) Tale of eccentric antivirus founder John McAfee's escape to Guatemala and Miami set to be adapted by the team behind Crazy, Stupid, Love
For a complete running list of events, please visit the Event Tracker.
Upcoming Events
Cybergamut Technical Tuesday: Finding Splunk Before Splunk Finds You (Columbia, Maryland, USA, Jan 22, 2013) Rob Frazier of Whiteboard Federal Technologies will present his talk "Finding Splunk Before Splunk Finds You". Certification letters will be available for PMI PMP PDUs and CISSP CPEs as well as other technical credits as appropriate. The live event will be in Columbia, MD, and there will be a Cybergamut node established in Omaha, Nebraska for this event.
TED X Baltimore: Baltimore Rewired (Baltimore, Maryland, USA, Jan 25, 2013) At our TEDxBaltimore event, TEDTalks video and live speakers will combine to spark deep discussion and connection in a small group. The TED Conference provides general guidance for the TEDx program, but individual TEDx events, including ours, are self-organized.
Data Privacy Day (Various locations, Jan 28, 2013) The National Cyber Security Alliance (NCSA), a non-profit public-private partnership focused on helping all digital citizens stay safer and more secure online, and official coordinator of Data Privacy Day (DPD), is collaborating with many educational institutions, corporations, government and non-profit organizations across the world to make Data Privacy Day on January 28th a success. Data Privacy Day is an international day of awareness to educate everyone to respect privacy and safeguard personal information.
tmforum Big Data Analytics Summit (Amsterdam, Netherlands, Jan 29 - 30, 2013) Bringing together leading service providers, market analysts and all of the big names in Big Data, this forward-looking, education-packed two-day Summit combines keynote perspectives, case studies, debates, panels, interactive sessions and networking opportunities that maximize every participant's opportunity to network and generate ideas that can be implemented immediately.
North American ICS & SCADA Summit (Lake Buena Vista, Florida, USA, Feb 6 - 15, 2013) The Summit brings together the program managers, control systems engineers, IT security professionals and critical infrastructure protection specialists from asset owning and operating organizations along with control systems and security vendors who have innovative solutions for improving security. Along with government and research leaders, they are coming together to learn and discuss the newest and most challenging cyber security risks to control systems and the most effective defenses.
ATMiA US Conference 2013 (Scottsdale, Arizona, US, Feb 19 - 21, 2013) A conference devoted to the design of ATMs, and the future of the ATM industry.
Cybergamut Technical Tuesday: Cloud Security (location and date not listed) Dr. Susie Cole of Exceptional Software Strategies will discuss cloud security.
#BSidesBOS (Cambridge, Massachusetts, USA, Feb 23, 2013) Each BSides is a community-driven framework for building events for and by information security community members. The goal is to expand the spectrum of conversation beyond the traditional confines of space and time. It creates opportunities for individuals to both present and participate in an intimate atmosphere that encourages collaboration. It is an intense event with discussions, demos, and interaction from participants. It is where conversations for the next-big-thing are happening.
RSA USA 2013 (San Francisco, California, USA, Feb 25 - Mar 1, 2013) RSA Conference continually evolves program offerings to meet the ever-changing needs of our delegates in the dynamic infosec industry.
Nullcon Goa 2013 (Bogmallo Beach Resort, Goa, India, Feb 26 - Mar 2, 2013) An international information security conference that will feature speakers and training. Topics include security and politics, vulnerability elimination, Android hacking, SCADA and smart grid penetration testing, and more.
TechMentor Orlando 2013 (Orlando, Florida, USA, Mar 4 - 8, 2013) Celebrating 15 years of educational events for the IT community, TechMentor is returning to Orlando, Florida, March 4-8, for 5 days of information-packed sessions and workshops. Surrounded by your fellow IT professionals, you will receive immediately usable education that will keep you relevant in the workforce. TechMentor track topics include: Windows PowerShell and Automation; Cisco and Networking Infrastructure; Windows Server Management; Windows Client Management; Cloud and Virtualization; Identity, Access Management and Security; Performance Tuning and Troubleshooting; Mobility and BYOD; Messaging and Collaboration.
Business Insurance Risk Management Summit (New York City, New York, USA, Mar 5 - 6, 2013) The annual Risk Management Summit, now in its fourth year, provides attendees with focused insight via specific, timely general sessions and strategic, thought-provoking discussions with peers and industry leaders.
e-Crime Congress 2013 (London, England, Mar 12 - 13, 2013) The e-Crime Congress is designed to meet the needs of key stakeholders and decision makers who are responsible for designing and coordinating information security and risk management strategy, safeguarding digital assets and sensitive information, protecting customers, defending against internal or external threats and responding to incidents.
CTIN Digital Forensics Conference (Seattle, Washington, USA, Mar 13 - 15, 2013) Speakers include experts and published authors in the field of digital forensics and cybersecurity. Topics include: Mobile Device Forensics, Internet Forensics, Physical Memory Analysis, Open Source Tools, Data Carving, Registry Forensics, Placing the Suspect Behind the Keyboard, Triage and Live Forensics CDs, and more.
IT Security Entrepreneurs' Forum (ITSEF 2013) (Palo Alto, California, USA, Mar 19 - 20, 2013) Supported by the U.S. Department of Homeland Security, Office of Science and Technology, ITSEF 2013 aims to connect the ecosystem of the entrepreneur: industry, government, and academia. The conference will advance innovation, lead change and build trusted global collaboration models between the public and private sectors to defeat Cybersecurity threats.
The Future of Cyber Security 2013 (London, England, UK, Mar 21, 2013) Cyber Security and the Citizen 2013 is a one-day conference and exhibition for senior decision-makers of central and local government organisations, NGOs and major private sector enterprises.
Cloud Connect Silicon Valley (Santa Clara, California, USA, Apr 2 - 5, 2013) Cloud Connect returns to Silicon Valley, April 2-5, 2013, for four days of lectures, panels, tutorials and roundtable discussions on a comprehensive selection of cloud topics taught by leading industry experts.
An Evening in Cyberspace: Supporting Tomorrow's Cybersecurity Leaders (National Harbor, Maryland, USA, Apr 6, 2013) UMUC is pleased to present An Evening in Cyberspace: Supporting Tomorrow's Cybersecurity Leaders. Join us for this special black-tie event to support the next generation of cybersecurity students. The evening will feature a reception, dinner, keynote and entertainment.
Cyber 1.3 (Colorado Springs, Colorado, USA, Apr 8, 2013) Maj. Gen. Suzanne Vautrinot, USAF, commander, 24th Air Force, and commander, Air Force Network Operations, will discuss the global strategic implications that relate to the cyber domain at the Space Foundation national conference Cyber 1.3, to be held Monday, April 8th, at The Broadmoor Hotel in Colorado Springs, Colorado. Cyber 1.3 is a full-day conference that takes place immediately before the official opening of the 29th National Space Symposium. The conference includes a networking breakfast, a luncheon and concludes with a networking reception, co-sponsored by General Dynamics Advanced Information Systems. Government Executive Media Group is a Cyber 1.3 media co-sponsor.
INFILTRATE 2013 (Miami, Florida, USA, Apr 11 - 12, 2013) INFILTRATE is a deep technical conference that focuses entirely on offensive security issues. Researchers focused on the latest technical issues will demonstrate techniques that you cannot find elsewhere.
InfoSec World Conference & Expo 2013 (Orlando, Florida, USA, Apr 15 - 17, 2013) With the primary objective of providing top-notch education to all levels of information security and IT auditing professionals, InfoSec World delivers practical sessions that give you the tools to strengthen your security without restricting your business.
Infosec Southwest 2013 (Austin, Texas, USA, Apr 19 - 21, 2013) InfoSec Southwest is intended to be a general security and hacking conference with no specific industry or topical focus. As such, nearly all topics (other than vendor pitches) are fair game and the attending audience is expected to span all demographics.
25th Annual FIRST Conference (Bangkok, Thailand, Jun 16 - 21, 2013) The annual FIRST conference provides a setting for conference participants to attend a wide range of presentations delivered by leading experts in both the CSIRT field and from the global security community.
SECRYPT 2013 (Reykjavik, Iceland, Jul 29 - 31, 2013) The 10th International Conference on Security and Cryptography (SECRYPT 2013) will take place from 29 to 31 July 2013 in Reykjavik, Iceland…The conference will focus on information systems and network security, including applications within the scope of knowledge society in general and information systems development in particular, especially in the context of e-business, internet and global enterprises. It will bring together researchers, mathematicians, engineers and practitioners interested in security aspects related to information and communication.