The CyberWire Daily Briefing for 6.26.2013
Cyber attacks affect both Koreas. Attribution remains unclear, although hacktivists purporting to represent Anonymous claim attacks on the North. Other hacktivists (who say they're protesting censorship) claim attacks on the South, and say they've released personal information on US military members stationed in Korea. The success and sophistication of the attacks seem beyond anything in Anonymous' recent track record.
The Carberp source code's black market value, pegged Monday at $50k, has surely dropped—it's been leaked. Moderate any Schadenfreude at crimeware vendors' lost IP, however: the leak augurs a spike in Carberp-based exploits.
Emboldened by the PRISM affair, China's People's Liberation Army, after a short breather, is back hacking. (Tibetan activists are targeted.) Fresh leaks allege US intrusion into Chinese telecom networks and a comprehensive cyber espionage program.
eSecurity Planet considers how enterprises should trim their data protection policies in the light of stories about US Government electronic surveillance. The risks are as real—consider litigation in the EU and protectionist retaliation in China against big targets of opportunity like Cisco—as the responsibilities.
By general consensus the PRISM affair has provoked not only domestic US controversy, but also a large diplomatic mess: Russia and China exploit American discomfiture; politicians on the EU's left (and not only there) call to protect Edward Snowden. Australia fears PRISM will damage its relations with Asian neighbors. More leaks are promised: Snowden says he's cached encrypted files around the world as "insurance."
The Wikileaks trial may set precedent for online evidence—Tweets, blogs, etc.
Notes.
Today's issue includes events affecting Australia, Austria, China, Ecuador, European Union, Iceland, Ireland, Israel, People's Democratic Republic of Korea, Republic of Korea, Russia, Taiwan, and United States.
Cyber Attacks, Threats, and Vulnerabilities
South Korea Hit By Cyber Attack, Was It Caused By Anonymous Attack On North Korea? (Fast Company) For ten minutes, the official presidential website carried the message, "We Are Anonymous. We Are Legion. We Do Not Forgive. We Do Not Forget. Expect Us." By: Addy
North and South Korea websites shut amid hacking alert (The Guardian) The attacks in South Korea did not appear to be as serious as a cyber-attack in March, which shut down tens of thousands of computers and servers at broadcasters and banks. There were no initial reports that banks had been hit or that sensitive
South Korea issues alert after cyber attack allegedly by North Korea (Daily Bhaskar) Coinciding with the 63rd anniversary of the start of the Korean War, hackers penetrated several official websites of South Korea including the presidential Blue House. South Korea issued a cyber attack alert on Tuesday after hackers hacked a
U.S. troops' details leaked in cyber attacks aimed at South Korea: reports (Reuters) Hackers say they have leaked personal details of tens of thousands of U.S. troops to websites, South Korean news reports and online security officials said on Wednesday, a day after cyber attacks disabled access to government and news sites
Cyberattacks Disrupt Leading Korean Sites (New York Times) Major government and news media Web sites in South and North Korea were shut down on Tuesday after anonymous hackers claimed to have attacked them on the 63rd anniversary of the start of the 1950-53 Korean War
Anonymous Attacks North Korea, Denies Targeting South (InformationWeek) Groups claiming to represent Anonymous launch separate DDoS attacks and defacements against both North and South Korean websites
TROJ_DIDKR.A (Trend Micro Threat Encyclopedia) This malware is related to the security incident that affected certain government and news websites in South Korea. In one of the attacks, cybercriminals compromised the auto-update mechanism of SimDisk.exe in order to serve a modified malicious version of the said installer and to allow the infection chain to play out as intended
Compromised Auto-Update Mechanism Affects South Korean Users (Trend Micro Security Intelligence Blog) On Tuesday, South Korea raised the country's cyber security alarm from level 1 to 3, because of several incidents that affected different government and news websites in South Korea. One of the several attacks related to the June 25 security incident involved the compromise of the auto-update mechanism related to the legitimate installer file SimDisk.exe, which we were able to get a sample of. SimDisk is a file-sharing and storage service
Malicious program enhances APT campaign against South Korea (SC Magazine) PinkStats, a downloader that spreads additional malware once it infects its target, has been repeatedly used in advanced persistent threat (APT) campaigns around the globe over the past four years, researchers have found
NetTraveler Malspam Campaign Targeting Regional Tibetan Youth Congress (Trend Micro Threat Encyclopedia) The NetTraveler campaign is a series of malware spam attacks used against different companies and governmental institutions. Included in this list are the Tibetan/Uyghur activists. Recently, we received a spam mail which uses this campaign and its target is the Regional Tibetan Youth Congress
Suspected China-based hackers 'Comment Crew' rise again (CSO) After a brief rest, the hackers have regrouped and started fresh campaigns. The suspected China-based hackers known as the "Comment Crew" are back at it again, a development likely to contribute to continued tensions between the U.S. and China over cyberattacks
Adversary Arsenal Exposed Part I: PinkStats the Two–Handed Sword of the Chinese Attackers (Seculert) Much like in the middle ages, where the best knights had a great arsenal of swords, axes and maces to win a battle, today's adversary must have a good arsenal of attacking tools and malware to have a successful APT attack. For instance, the Chinese APT1 group has a great arsenal of malware - many of which are described in Mandiant's detailed report
NSA hacked China's top carriers in hunt for SMS data – report (The Register) Snow joke for NSA as latest revelations point to extensive campaign. PRISM snitch Edward Snowden responded to the US government formally charging him with spying on Friday with fresh revelations that the NSA hacked China's three state-run telcos in a bid to nab SMS data
Info of nearly 3K University of Illinois dorm residents stolen (SC Magazine) Thousands of University of Illinois at Urbana-Champaign (UIUC) students, who lived in campus housing called the Hendrick House between 1997 and the spring of 2011, had their information uploaded to a thumb drive
World of Warcraft mobile auctions closed after rash of account hijacks (Ars Technica) Temporary closure follows reports of hackers using mobile armory to scam users
Scammers Exploit Google's Fifteen Years of Establishment through E-mail Fraud (Spamfighter) According to security researchers, as Google the popular search engine marks its 15th annum since launch, cyber-criminals are using the opportunity for celebrating in their own way by exploiting the name within an e-mail scam, reports softpedia.com dated June 21, 2013
Rogue 'Free Codec Pack' ads lead to Win32/InstallCore Potentially Unwanted Application (PUA) (Webroot Threat Blog) Following last week's profile of yet another InstallCore Potentially Unwanted Application (PUA) campaign, we detected another rogue ad campaign this week. This time enticing E.U based users into downloading and installing a fake "Free Codec Pack", with the users sacrificing their privacy in the process due to the additional toolbars that will be installed on their PCs
Researchers reveal tricks for Cutwail's endurance (Help Net Security) While some botherders have opted for the arguably much safer P2P architecture in order to assure their botnets' resilience, others are still clinging to the standard distributed C&C option
Carberp Source Code Leaked (Threatpost) The source code for the Carberp Trojan, which typically sells for $40,000 on the underground, has been leaked and is now available to anyone who wants it. The leak has echoes of the release of the Zeus crimeware source code a couple of years ago and has security researchers concerned that it may lead to a similar crop of new Trojans and crimeware kits
Compromised Yahoo! Accounts Used to Spread Android Trojan (SecurityWeek) Over the last several days, weeks really for some, people have noticed an uptick in the amount of spam coming from compromised Yahoo accounts. SecurityWeek staff has witnessed this uptick in spam as well. But this spam run is designed to spread malware to Android devices, so it's likely not as simple as a weak password issue
A New Cyber Concern: Hack Attacks on Medical Devices (Scientific American) The agency also prodded hospitals to step up future reporting of any cyber attacks. In a recent alert the U.S. Department of Homeland Security highlighted one weakness affecting approximately 300 medical devices, including drug infusion pumps
Security Patches, Mitigations, and Software Updates
5 Chrome Plugins That Make Browsing More Secure (Kaspersky Lab Daily) There is an entire market of plugins out there designed to keep you safe while surfing the web on your browser of choice. Each one has lots of options; for Google's Chrome, here are five of the best programs that will help keep your system and your personal information safe and secure
Firefox Delivers 3D Gaming, Video Calls and File Sharing to the Web (The Mozilla Blog) Rich activities like games and video calls were some of the last remaining challenges to prove that the Web is a capable and powerful platform for complex tasks. We conquered these challenges as part of Mozilla's mission to advance the Web as the platform for openness, innovation and opportunity for all
WordPress 3.5.2 Maintenance and Security Release (WordPress) WordPress 3.5.2 is now available. This is the second maintenance release of 3.5, fixing 12 bugs. This is a security release for all previous versions and we strongly encourage you to update your sites immediately. The WordPress security team resolved seven security issues, and this release also contains some additional security hardening
Cyber Trends
Will PRISM Impact Data Protection Strategies? (eSecurity Planet) As details of the National Security Agency's PRISM program continue to emerge, how concerned should enterprises be about government requests for data? It's 9 o'clock on a Monday morning, and half a dozen law enforcement officers are banging on the door of your data center. They're waving official looking documents and demanding access to your data
Infographic: Malicious Mobile Apps (Webroot Threat Blog) The workplace technology landscape has changed dramatically over the past five years, and the security threats have changed along with it. Here are the growing factors that IT professionals can't afford to ignore, all in a beautiful infographic
Cyberattacks the greatest threat to nations, say global execs (CSO) More than half of IT pros and top brass believe cybercriminals have invaded their systems in the past or are still inside them
Middle East energy sector most at risk of cyber attack (Power Engineering International) And the company has warned that "a cyber attack on crucial energy supplies and transiting routes in this region would impact the entire world". DNV KEMA said that no regional cyber security strategy has yet been implemented in the Middle East, despite
Cyber espionage, Android malware dominate in Q1 2013 (Tempo) Kaspersky Lab, a leading secure content and threat management solutions, said that an increased number of alleged state-sponsored cyber-attacks were recorded by the Kaspersky Security Network (KSN). KSN is a distributed system that collects data about
Organizations Fail at Securing Regulated Data on Mobile Devices, Survey (SecurityWeek) In security, it's what organizations don't know about their data that can hurt them. In a new survey sponsored by mobile security provider WatchDox, the Ponemon Institute found that more than 80 percent of the 798 IT professionals surveyed did not know how much of their organization's data is stored on cloud file sharing services or mobile devices
Web Badness Knows No Bounds (Krebs on Security) If your strategy for remaining safe and secure online is mainly to avoid visiting dodgy Web sites, it's time to consider a new approach. Data released today by Google serves as a welcome reminder that drive-by malware attacks are far more likely to come from hacked, legitimate Web sites than from sites set up by attackers to intentionally host and distribute malicious software
New big data risks (FierceBigData) Gartner says that by 2019--a mere six years from now--"90 percent of organizations will have personal data on its systems they don't own or control." Much of this will stem from importing data from external sources, but in any case that accumulation of personal data presents new security risks to individuals and the companies holding the data alike
Marketplace
Cisco Faces Challenges As Chinese Media Urge Switching To Domestic Products For National Security Reasons In Wake Of NSA Surveillance Leaks (International Business Times) Edward Snowden, who leaked the National Security Agency's secret surveillance program and claimed the U.S. used equipment made by Cisco Systems Inc. (NASDAQ:CSCO) to spy on China, could have dealt a blow to the U.S. company's $2 billion in
Lastline Finds $10M For Malware Defense Software (socalTech.com) Lastline develops malware analysis software which was originally developed by a team of computer science professors at the University of California
What kind of strategic boost does FedRAMP give HP and Lockheed? (Washington Technology) There are more than 140 corporate members within Lockheed's Cloud Security Alliance, and while the companies may vary across the spectrum, they all share a "vested interest in understanding the security requirements associated with cloud computing"
Qualys Coverage Initiated by Analysts at Imperial Capital (QLYS) (Mideast Times) Equities researchers at Imperial Capital assumed coverage on shares of Qualys (NASDAQ: QLYS) in a research report issued on Tuesday, StockRatingsNetwork.com reports. The firm set an "outperform" rating and a $18.00 price target on the stock. Imperial Capital's price target suggests a potential upside of 14.87% from the stock's previous close
Microsoft Reorg Rumors Heat Up (InformationWeek) With Windows 8.1 just a few days away, rumors of an impending company shakeup have gained momentum
ALAPKO has been acquired by Subsystem Technologies (M&T Investment Banking Group) M&T Investment Banking Group is serving as financial advisor to Subsystem Technologies, Inc., in its acquisition of ALAPKO, Inc. Subsystem and ALAPKO provide cyber security and other services to the US Federal Government.
Dell buyout drama heats up (FierceFinance) Ahead of a July 18 shareholder vote, both sides in the Dell buyout sweepstakes are pressing their cases
Products, Services, and Solutions
How Much is Your Gmail Worth? (Krebs on Security) If you use Gmail and have ever wondered how much your account might be worth to cyber thieves, have a look at Cloudsweeper, a new service launching this week that tries to price the value of your Gmail address based on the number of retail accounts you have tied to it and the current resale value of those accounts in the underground
New Tool Gives Developers A Free Anti SQL Injection Shortcut (Dark Reading) As one of the longest-lingering burrs in the saddles of database security and application security professionals, SQL injection continues to plague the Web application world for a myriad of reasons. But none is so oft lamented as the fact that developers continue to write unparameterized database queries into their code
Despite new malware scanning, Chrome Web Store security still falls short (CSO) Improving Chrome OS's security is key to driving its use in business, but one expert said Google still needs to vet developers' reputation
Panda Boosts Security and Control for Organizations with New Features in Panda Cloud Systems Management (PR.com) New features of the latest version of Panda Cloud Systems Management (PCSM) include improved ticketing system, Wake-on-LAN for managing remote devices, even when they are switched off, and more
Panda Security Guarantees Protection for Android Devices with Panda Mobile Security (PRWeb) Beta version of Panda Mobile Security for Android environments now available on Google Play. Numerous features including antivirus protection, a module for monitoring smartphone processes, and privacy management options now available
AirWatch enhances laptop management solution (Help Net Security) AirWatch announced enhancements to its laptop management solution that provides additional functionality and platform support for organizations that need to manage all of their mobile devices
Realsec Announces Launch of Cryptosec RKL Server in North America (Broadway World) Realsec, a leading secure vendor of cryptographic solutions worldwide, today announced the North American availability of the Cryptosec RKL Server. Realsec's Cryptosec RKL server is an appliance for the automated remote loading
Eradicate passwords, get two-factor authentication for free (Herald Online) M-Pin™ Strong Authentication System is finally available! Nearly a year after CertiVox introduced the M-Pin™ Protocol, it's now available for any ISP, enterprise or SaaS solution provider to integrate into their environment. With both a free and enterprise tier of the M-Pin Managed Service, accessing M-Pin is in the reach of any size organization
Google adds malware site flags to Transparency Report (ZDNet) Have you seen those "warning" pages Google throws up when you're about to hit a malware-infested site? The search giant is now adding those flagged figures to its ongoing disclosure report
HP unveils Slate 21, all-in-one Android-based desktop (FierceCIO: TechWatch) Hewlett-Packard (NYSE: HPQ) this week took the wraps off a new 21.5-inch all-in-one desktop at an HP event in Beijing. Instead of running on the Windows operating system though, the HP Slate 21 will come with Android 4.2.2 and will be powered by Nvidia's upcoming Tegra 4 quad-core processor
Dell Announces "World's Most Secure" Commercial PCs (Enterprise Networking Planet) Factory-installed Dell Data Protection suite to make Dell commercial PCs the most secure in the world, right out of the box. No network is truly secure unless its endpoints are secure, too. That's what Dell is banking on with the announcement today that its Dell Data Protection (DDP) suite, with new security features, will come baked-in to all Dell commercial PCs. Dell claims the security suite will make its PCs the most secure in the world, right out of the box. Last week, I sat down with representatives of Dell and its malware prevention technology partner, Invincea, to learn how
Procera Networks to Showcase Dynamic LiveView at QUESTnet 2013 Conference (BWW Geeks) Procera Networks, Inc. (NASDAQ: PKT), the global network intelligence company, today announced it will demonstrate its real time Dynamic LiveView capabilities on network traffic running at this year's Queensland Education, Science and Technology Network (QUESTnet) conference, July 2-5 in Gold Coast, Australia
Joyent Launches Manta Service For Cloud Computing, Storage (InformationWeek) Joyent Manta Storage Service keeps big data close to the compute resources needed to analyze it. Starting Tuesday, Joyent is offering a new type of storage combined with compute services. Joyent Manta Storage Service will keep data stored close to the servers that will analyze and work with it
Amazon Wins Best Cloud In CIA Bake-Off (InformationWeek) Despite a higher bid, Amazon gets CIA contract over IBM due to its deeper experience as a cloud services provider, says Amazon CTO Werner Vogels
Will Spark burn Hadoop? (FierceBigData) Hadoop is the current linchpin of big data and is so deeply embedded in the industry that it is hard to imagine that it will ever lose its grip on the market. But there is a flicker on the horizon called Spark that may ignite a disruptive change
BlackBerry Separates Work from Play on iOS and Android (SecurityWeek) Smartphone maker BlackBerry today announced the availability of its latest mobile security offering designed to separate work-related apps and data from personal apps and data, on iOS and Android-based devices
NY Times Calls Out Edmodo On Security (InformationWeek) Concerned dad, a Cisco engineer, established fake account to prove that social collaboration site for teachers was not using encryption. Following an embarrassing The New York Times article on the weakness of its Web security, Edmodo is promising to make full SSL encryption standard for all accounts by July 15
Silent Circle Launches Management Console (SecurityWeek) Silent Circle, a startup providing private encrypted communications solutions, this week released Silent Circle Management Console, a secure web-based portal that allows organizations to purchase, assign and manage licenses for employees using the company's peer-to-peer encrypted communications tools on their devices
Watchful Software to Demonstrate Award-Winning Security Technology at TechED Europe 2013 (Street Insider) Watchful Software, a leading provider of data-centric information security solutions, will be showcasing RightsWATCH, its powerful tool for classifying and protecting data, by means of mediating and controlling access to data based on its classification at TechED Europe 2013, taking place this week in Madrid, Spain
A New Approach to Advanced Threat Protection (Infosecurity Magazine) Can you prevent an advanced persistent threat from taking hold within your enterprise network? Can you thwart a determined and targeted cyber-attacker - bent on the theft of your most sensitive information - from achieving successful entry? If you ask George Kurtz of security start-up CrowdStrike, then the answer to both of these questions is a resounding "no". But, the firm's CEO and co-founder added, "you can close the gap between identifying these attacks and when you remediate the situation"
CrowdStrike Turns Security Fight Toward Attacker (Dark Reading) CrowdStrike Falcon platform is first to focus on the source of the attack, rather than stopping malware. In medicine, there are two types of treatment: those that treat the symptoms and those that cure the disease. Many doctors - and most pharmaceutical companies - devote the majority of their time toward managing and relieving symptoms, rather than stopping disease at its source
Technologies, Techniques, and Standards
Vulnerability Severity Scores Make For Poor Patching Priority, Researchers Find (Dark Reading) A bug's Common Vulnerability Scoring System (CVSS) score doesn't necessarily correlate with whether the vulnerability is being used in attacks. Relying on the measure of vulnerability severity to prioritize what to patch and which security issues to put off for another day is a waste of effort on software flaws that pose no danger while missing others that are currently being exploited, according to two researchers that plan to reveal their findings at the Black Hat Security Briefings later this year
Be Cyber Resilient: Know the risks (and rewards) of Shadow IT. (Symantec) Cyber resilience is being able to understand modern attacks, implement the right procedures and response strategy to counteract future cyber threats and recover from incidents faster. Start the process towards cyber resilience by considering how Shadow IT can be turned into an advantage…
SSL: Intercepted today, decrypted tomorrow (Netcraft) Millions of websites and billions of people rely on SSL to protect the transmission of sensitive information such as passwords, credit card details, and personal information with the expectation that encryption guarantees privacy. However, recently leaked documents appear to reveal that the NSA, the United States National Security Agency, logs very high volumes of internet traffic and retains captured encrypted communication for later cryptanalysis. The United States is far from the only government wishing to monitor encrypted internet traffic: Saudi Arabia has asked for help decrypting SSL traffic, China has been accused of performing a MITM attack against SSL-only GitHub, and Iran has been reported to be engaged in deep packet inspection and more, to name but a few
Ignoring Compliance Is A Real Option (Dark Reading) Life is full of choices. Lots of choices. We even have choices we don't recognize as available. Business is the same way. For instance, did you know that both compliance and security are optional for your business? They are choices. Every day your business makes choices about how much effort, if any, it will make toward meeting compliance requirements or securing its assets, for both the physical facilities and its information assets
Database Configuration Standards (Dark Reading) "Where do I find database security benchmarks?" That was the question posed to me this week when discussing database security assessment. It's an odd question for database administrators (DBAs) because a "benchmark" is a term we associate with performance. In compliance or security parlance, it means configuration standards, and this customer wanted to know, "Where do I find industry standards for database configuration?" The short answer is, "You don't"
Lucile Packard 'aggressively' fighting to prevent data breaches (FierceHealthIT) Lucile Packard Children's Hospital Information Security Officer Bill Lazarus is nothing if not frustrated with the string of data breaches that has plagued the Palo Alto, Calif.-based facility of late
The big data gold rush: Data miners find gold…and fool's gold too (FierceBigData) Big data rapidly became the modern day equivalent of the California Gold Rush. Enterprises and governments took a look at the growing mountains of data and quickly came to the conclusion that "there is gold in them thar hills." But just like in the Gold Rush, sometimes the glitter is just fool's gold and not the real thing
What to Do if Facebook Leaked Your Data? (Kaspersky Lab Daily) The recent incident of personal data being leaked from Facebook's servers is just one more demonstration that even the best cloud services are not flawless. Therefore, every user should have a plan of action in case of a crash
Design and Innovation
Want to get the next Facebook update before anyone else? Move to New Zealand (Quartz) Google launched a flock of Wi-Fi toting balloons from New Zealand's South Island last week, and the choice of location was far from incidental: Kiwis have made a name for themselves as the perfect market for testing new tech
Hardware nerds rejoice! New incubator will turn prototypes into commercial products (VentureBeat) Many hardware startups stumble when they attempt to move from prototype to large-scale manufacturing. To help these companies scale, Highway1 has launched its San Francisco-based incubator program. What's unique about the program is that it can help young companies form partnerships with local supply chain service providers in Asia and Europe
Microsoft bundles all startup initiatives into one super-charged support network (VentureBeat) Microsoft is creating a startup three-ring circus. The company is combining various startup initiatives into one coordinated global effort called Microsoft Ventures. It will include a community evangelism program, an accelerator program, and a seed fund that supports startups around the world as they grow their customer base and products
Korean graphical designer in "font protest" against PRISM surveillance (Naked Security) About a year ago, a Korean graphical designer came out with an "anti-surveillance" typeface called ZXX, as a sort of protest against electronic eavesdropping. But, in the aftermath of PRISM, are there *really* any anti-surveillance properties to ZXX? Paul Ducklin has a look
Big data goal is 'question farming, not answer farming' (FierceBigData) While vendors are scurrying to make headway in the growing demand for data visualizations, there is still plenty of work to be done in mashing big data math with a new art form
Research and Development
Remembrance of Everything Past (IEEE Spectrum) More information could enhance cognition and lead to better decision making—or drown us in a deluge of data points
Everyone's passwords suck--and why pretty soon it won't matter (Quartz) Do you suffer from password fatigue? If you're a human and you use the internet, the Agence France-Presse says, you probably do. Symptoms include picking "easy" passwords--those that shirk suggestions for long strings of characters mixing numbers and symbols--and repeating passwords from one website to another, a dangerous game if you're mixing low- and high-security accounts
Com Dev Aims To Place Quantum Cryptography System on Microsatellite (Space News) The Cambridge, Ontario, company wants to demonstrate quantum cryptography technology first on an airborne platform by next March before installing the proposed system on a microsatellite, said Ian D'Souza, mission scientist for what Com Dev is calling
Academia
GoSciTech: GSSM Camp stimulates interests in science, technology (Hartsville Messenger) The Governor's School for Science and Math residential summer camp is in full swing. Formerly known as the Summer Science Program, GoSciTech has reached a new level this summer with more than 400 students signed up for one or more weeks of the three-week science camp
What's the right age for kids to learn to code? (VentureBeat) Last week, I received an email from three female designers living in Sweden. They told me about their new website and interactive e-book, "My First Website," to help toddlers learn to code
What CSOs should look for in new hires (SC Magazine) Last month, college graduations were celebrated throughout the country, springing the class of 2013 on the working world
Legislation, Policy, and Regulation
Greens condemn EU's anti-hacker directive (Cyberwarzone) The Greens/EFA group has opposed the new cyber crime directive endorsed by parliament's civil liberties, justice and home affairs committee, calling the new rules "blunt"
Exclusive: Documents Illuminate Ecuador's Spying Practices (BuzzFeed) The country where anti-surveillance hero Edward Snowden wants to take refuge spent half a million dollars on an Israeli-made "GSM interceptor" in a deal brokered by a U.S. middleman. Seeking the capacity to "intercept text messages, falsify and modify the text messages" among other tricks
NSA Whistleblower's revelations may hamper OZ relations with Asian countries (Business Standard) However, the Australian intelligence agencies are unsure about the kind of data Snowden gained access to while working as the NSA contractor at Booz Allen Hamilton. Officials fear that disclosure of highly sensitive and classified intelligence
US senators propose legislation to throttle NSA's domestic spying (Naked Security) Senator Patrick Leahy, along with other US senators, has introduced a bill to limit the National Security Agency (NSA) spying on domestic targets
In NSA Leak, Foes Of U.S. See A Chance To Return Fire (Washington Post) It may be years before the full cost of Edward Snowden's intelligence leaks can be measured. But his disclosures about top-secret surveillance programs have already come at a price for the U.S. government: America's foes have been handed an immensely powerful tool for portraying Washington as a hypocritical proponent of democratic values that it doesn't abide by at home
NSA Head Says Surveillance Fact Sheet Was Flawed (Washington Post) National Security Agency Director Gen. Keith B. Alexander acknowledged Tuesday that a fact sheet on the agency's Web site inaccurately described the extent to which the communications of U.S. citizens are protected from the spy agency's collection of e-mail and other material from technology companies
Snowden leak tips balance in US-China cyber-war (Russia Today) The release of data about US hack attacks on China has deprived the West of the moral high ground in the cyber-war, Hong Kong City University Professor Joseph Cheng told RT. This could give China diplomatic ammo in future negotiations with the US
U.S. Surveillance Is Not Aimed at Terrorists (Bloomberg) The debate over the U.S. government's monitoring of digital communications suggests that Americans are willing to allow it as long as it is genuinely targeted at terrorists. What they fail to realize is that the surveillance systems are best suited for gathering information on law-abiding citizens
Critics question whether NSA data collection is effective (CSO) The mass collection of data overwhelms investigators with information, critics at privacy conference say
Congress passed act in 2011 to detect, prevent 'insider threats' (Washington Times) Mr. Snowden told the South China Morning Post, in an interview published this week, that he sought work with U.S. intelligence contractor Booz Allen Hamilton at the NSA's Hawaii Threat Operations Center to be in a position to steal data that would
New plan to stop leaks: Squeal on your cubicle mate who may or may not be a whistleblower (SC Magazine) In November, months before Edward Snowden would become a household name, President Obama issued a memorandum to the heads of federal agencies, spelling out new guidance for deterring the security threat of insiders
HHS rule would give federal exchanges 1 hour to report data breaches (FierceHealthIT) Under a newly proposed rule from the U.S. Department of Health & Human Services, federally-facilitated exchanges created via the Affordable Care Act, as well as entities working with such exchanges, would have one hour to report security incidents upon discovery of a breach
ONC, FDA aligning app guidance with broader health IT policy (FierceMobileHealthcare) The Office of the National Coordinator for Health IT has taken a leadership position in promoting the implementation of health IT across the country. ONC is actively supporting the adoption of health IT and the promotion of nationwide health information exchange to improve America's healthcare system. FierceMobileHealthcare had the opportunity to speak with Jodi Daniel, Director of ONC's Office of Policy and Planning
Congressional hearing to focus on entrepreneurs, mobile medical apps (FierceMobileHealthcare) The House Small Business Subcommittee on Health and Technology will hold a hearing on June 27 to highlight entrepreneurs creating healthcare apps, according to the subcommittee's announcement
mHealth Regulatory Coalition urges FDA to release final apps guidance (FierceMobileHealthcare) The mHealth Regulatory Coalition (MRC) on June 21 sent a letter to Department of Health and Human Services (HHS) Secretary Kathleen Sebelius urging HHS, through the U.S. Food and Drug Administration (FDA), to publish the final guidance on mobile medical applications (MMA) "as soon as reasonably possible."
Declassified gov't report details decades of NSA computer spying (Fox News) Declassified by the NSA on May 29 and posted online on Monday, the 344-page report "It Wasn't All Magic: The Early Struggle to Automate Cryptanalysis
SASC proposes folding DoD CIO into DCMO (FierceGovernmentIT) The Senate committee overseeing the Defense Department says the position of departmental chief information officer should be folded into the duties of the deputy chief management officer and the position of the DCMO elevated in authority to the level of undersecretary of defense
There's a new commander of Army Cyber Command (Defense Systems) U.S. Army Cyber Command is about to get its second command general since the command stood up in October 2010. The new commanding general will be MG Edward Cardon, who was nominated for the rank of lieutenant general and will take over the Fort
Litigation, Investigation, and Law Enforcement
Students cite EU data protection laws, challenge firms over NSA data transfers (Ars Technica) "US gag orders are not valid here," group says. In the wake of the disclosure of the National Security Agency's mass digital surveillance program, a group of Austrian students have filed a series of formal complaints with a number of European data protection agencies. The case could become the first legal proceeding challenging disclosure of non-American data to the American government on the basis of alleged violations of European Union data protection law
How Edward Snowden's encrypted insurance file might work (Quartz) Now we have a bit more clarity on what Edward Snowden meant last week when he said, "The US government is not going to be able to cover this up by jailing or murdering me. Truth is coming, and it cannot be stopped"
The US got Edward Snowden's middle name wrong on extradition documents (Quartz) Edward Snowden, NSA-leaker extraordinaire, is such a familiar face in world news that he's almost a household name. But for all the extensive NSA spying capabilities he revealed, US authorities were still not able to get his name right on extradition documents issued to Hong Kong, according to Rimsky Yuen, the city's justice secretary
US National Security Agency whistleblower must be protected, say MEPs (An Phoblacht) THE European United Left/Nordic Green Left (GUE/NGL) group of MEPs - which includes Sinn Féin MEP Martina Anderson - says US National Security Agency whistleblower Edward Snowden "must be protected as he is at serious risk of ill-treatment if
Greenwald: Snowden's Files Are Out There if 'Anything Happens' to Him (Daily Beast) As the U.S. government presses Moscow to extradite former National Security Agency contractor Edward Snowden, America's most wanted leaker has a plan B. The former NSA systems administrator has already given encoded files containing an archive of the secrets he lifted from his old employer to several people. If anything happens to Snowden, the files will be unlocked
If The U.S. Nabs Snowden (Chicago Tribune) Edward Snowden is doing his best to avoid falling into the hands of U.S. law enforcement, and he's not pretending he did nothing illegal. He has admitted disclosing classified secrets about surveillance programs conducted by the federal government, and doing that is clearly against the law
China Brushes Aside U.S. Warnings On Snowden (New York Times) China brushed aside on Tuesday the Obama administration's warning that allowing Edward J. Snowden, the former national security contractor, to flee Hong Kong would have negative consequences, and said that the relationship between the United States and China should continue unimpeded
Putin: No Grounds To Extradite Snowden (Washington Post) President Vladimir Putin revealed Tuesday that Edward Snowden was indeed here but would not be handed over, confirming Russia's willingness to confound the United States but offering few clues to the secret-spiller's mysterious journey
Where the U.S.—and Snowden—Could Go From Here (The Atlantic) The NSA leaker is in a transit zone in a Moscow airport, and Putin refuses to extradite him. Now what
'Meet the Press' Pundit With Financial Ties to NSA Misleadingly Slams Snowden (The Nation) On Meet the Press yesterday, shortly after host David Gregory stunned many by suggesting that The Guardian's Glenn Greenwald should face prosecution, a roundtable of pundits discussed the unfolding Edward Snowden story. Mike Murphy, one of the Meet the Press pundits, mocked Snowden's attempt to seek asylum, calling him a "so-called whistleblower," and charging that "it's never been easier in human history to be a whistleblower" through official means
Why Ecuador? (Slate) As he talks to reporters and manages his WikiLeaks network, Australia-born Julian Assange is holed up in London's Ecuadorian embassy. Just last week, the country confirmed that Assange could continue to live there, avoiding extradition to Sweden. This announcement was made, naturally, by Ecuador's foreign minister. The country isn't exactly squeamish about its work in this area, and WikiLeaks enjoys a good working relationship with it, so it makes sense that Edward Snowden is asking Ecuador for asylum
WikiLeaks Soldier's Court-Martial Wrestles Online Evidence Rules (Reuters) The trial of a U.S. soldier accused of providing classified materials to WikiLeaks is unique for the size of the leak and also faces the unresolved cyber-age issue of whether Tweets and Web pages can be admitted as evidence
Former Icelandic minister asked "8 or 9" FBI agents to leave country (Ars Technica) Agents said they were there to stop hackers, were really investigating WikiLeaks
Trend Micro turns RAT catcher as Taiwan cops cuff hacker (Register) Security vendor Trend Micro has embiggened its industry collaboration credentials this week after helping Taiwanese police arrest one man in connection with a widespread targeted attack, and teaming up with Interpol on a new cyber crime prevention centre
Car hack attack a possible theory behind journalist's death (Help Net Security) The upcoming DEFCON hacking conference will have many presenters touching on a great number of subjects, including that of car hacking
Lulzsec hacker Davis freed, back on the Internet (Help Net Security) Jake Davis (aka Topiary), the former Lulzsec hacker and spokesman, has been released from the Feltham Young Offenders' Institution, where he spent 37 days following his sentencing in May. Having or
For a complete running list of events, please visit the Event Tracker.
Upcoming Events
QUESTnet 2013 Conference (Gold Coast, Queensland, Australia, Jul 2 - 5, 2013) Queensland Education, Science and Technology Network (QUESTnet) is the Queensland regional component of the Australian Academic and Research Network (AARNet). The QUESTnet conference is an annual event aimed at ICT professionals who work closely with network technologies. A key focus of the event is to provide an opportunity for delegates to develop their professional and technical knowledge and to gain an appreciation of key strategic issues underpinning the development, deployment and maintenance of national and international telecommunications networks. The theme for this year's conference is "Clouds: In our way or enabling change?" The sub theme is "Adopting and Adapting to a new paradigm for supporting Research and Education".
NASA National Capital Region Industry Days (Washington, DC, USA, Jun 25 - 27, 2013) This dedicated Information Technology Expo - sponsored by the Office of the Chief Information Officer - will serve as a focal point for NASA personnel to learn about the latest products and advances in the marketplace.
AFCEA International Cyber Symposium 2013 (Baltimore, Maryland, USA, Jun 25 - 27, 2013) Cyber threats and challenges grow every day. Successfully defending our networks requires a team approach. With this in mind, the Cyber symposium will engage the key players, including the U.S. Government, the International Community, Industry and Academia, to discuss the development of robust cyberspace capabilities and partnerships. The AFCEA International Cyber Symposium 2013 focuses on the critical missions of U.S. Cyber Command and the interface with Army Cyber Command, Marine Corps Forces Cyber Command, 10th U.S. Fleet Cyber Command, 24th Air Force Cyber, Department of Homeland Security, U.S. Coast Guard, DoD-CIO, National Security Agency (NSA), Defense Information Systems Agency (DISA), Defense Advanced Research Projects Agency (DARPA), Academia, Industry partners. The operational theme "Defining Full Spectrum Global Cyberspace Operations" will explore the operational security of DoD and Industry Networks, Cyber Operations with Joint and Coalition partners, and discuss the training and development of the cyber workforce.
ShakaCon (Honolulu, Hawaii, USA, Jun 25 - 28, 2013) This is the fifth year this "laid back security conference in paradise" is being held. Some solid presentations and training on malware analysis and penetration testing. After all, what could be better than "sun, surf, and C Shells?" There are intensive training classes on hacking mobile apps and even lock picking (the set of tools is included in the class registration).
Northern Virginia Technology Council: Security Threats: What Keeps You Awake at Night? (McLean, Virginia, USA, Jun 27, 2013) It's no secret that cybersecurity events are increasing in frequency and intensity. Many of these events are severe and pose significant risk to us as individuals, to our businesses, as well as our economy and national security. We've seen many reports in the press recently of well-funded nation states attempting to pilfer our networks in search of intellectual property. Every day bad guys are trying to gain access to our credit card information and other forms of personal information to steal our money and identities while others brazenly attempt to take over our data and systems and hold them for ransom. How is this happening? What can we do to protect ourselves? This conference addresses these issues.
American Technology Awards Technology and Government Dinner (Washington, DC, USA, Jun 30, 2013) TechAmerica Foundation hosts its Eleventh Annual Technology and Government Dinner at the Ronald Reagan Building in Washington DC. The dinner continues to serve as the premier Washington, DC technology networking event bringing hundreds of tech industry, congressional, and government leaders together at one venue to celebrate the partnership between industry and government.
Digital Forensics and Incident Response Summit (Austin, Texas, USA, Jul 9 - 10, 2013) The 6th annual Forensics and Incident Response Summit will again be held in the live musical capital of the world, Austin, Texas. The Summit will focus on high quality and extremely relevant content as well as panel discussions in Digital Forensics and Incident Response. The 2013 theme is currently in development as the digital forensics and incident response community is constantly evolving and our content promises to be cutting-edge and relevant to ensure you will be able to utilize the ideas presented when you return to your organization.
London Summer 2013 (London, England, UK, Jul 9 - 16, 2013) SANS London Summer takes place at the London Marriott Hotel Kensington and gives security professionals the opportunity to take one of four of SANS most popular 6-day courses and the 2-day "Securing The Human" course.
GovConnects Business Breakfast: "Secured Space." What It Is - Who Has It - Who Needs It (UMUC, Dorsey Station, Elkridge, Jul 10, 2013) With today's Cyber threats, all businesses, institutions and the general public are at risk as never before. Learn about the latest technologies, measures and solutions being used today and into tomorrow to protect your intellectual property.
3rd Cybersecurity Framework for Critical Infrastructure Workshop (San Diego, California, USA, Jul 10 - 12, 2013) NIST is inviting cybersecurity experts, industry and academia from across the nation to attend one of its regional workshops at UC San Diego to identify, refine and guide the many interrelated considerations, challenges and efforts needed to build this framework.
cybergamut Technical Tuesday: Remote Digital Forensics (Columbia, Maryland, USA, Jul 16, 2013) 'The remote control changed our lives. The remote control took over the timing of the world. Within three seconds, click, click, click. So can we do remote forensics?' Ken Zatyko of Assured Information Security will present results of a study into this question, including a look at related research and a trade study of the current state of the digital forensics industry. If you are interested in triage, validation, high speed networks, forward analysis, agents, and cloud computing this presentation is for you.
Mobility Solutions for the Federal Market (Falls Church, Virginia, USA, Jul 16, 2013) With the improvements in mobile technology, smart phones and tablets, DOD, DHS and Civilian agencies have an opportunity to improve their service delivery models and the programs that serve their constituents. In order to accomplish this, Agencies across all branches of government must understand how and where mobile technology can be leveraged, where it's already being successfully leveraged to improve service delivery, and identify the areas of improvement necessary within their agency or program to ensure today's workforce is leveraging mobile technology to help their agency accomplish their goals. Join us at this highly interactive July 16th Potomac Officers Club Mobility Summit where our speakers will be addressing strategic issues.
2013 World Comp (Las Vegas, Nevada, USA, Jul 22 - 23, 2013) 2200 leading researchers, academics, and executives from government, academia and industry will come together at this annual event which facilitates communication among researchers in different fields of computer science, computer engineering, and applied computing.
Black Hat 2013 (Las Vegas, Nevada, USA, Jul 27 - Aug 1, 2013) Black Hat USA is a major international security conference, featuring learning, networking, and skill-building. Sessions include training, briefings, technical presentations, and more.
SECRYPT 2013 (Reykjavik, Iceland, Jul 29 - 31, 2013) The 10th International Conference on Security and Cryptography (SECRYPT 2013) will take place from 29 to 31 July 2013 in Reykjavik, Iceland…The conference will focus on information systems and network security, including applications within the scope of knowledge society in general and information systems development in particular, especially in the context of e-business, internet and global enterprises. It will bring together researchers, mathematicians, engineers and practitioners interested in security aspects related to information and communication.