
The CyberWire Daily Briefing for 6.28.2013
It looked too effective for hacktivists, and it now seems the ongoing cyber campaign against South Korea is the work of the DarkSeoul gang (h/t Symantec). The PinkStats downloader and a new disk wiper have also been found in these attacks.
Hacktivists (or provocateurs) remain active as "Antileaks" hits Russia Today's site to protest Wikileaks. (Expect continuing hacktivist fraternal and sororal strife.) RedHack attacks Turkish government sites (and claims they've erased citizen debt). Islamist hacktivism rises in the Maghreb and Sahel, with effects felt in Africa, South Asia, Europe, and North America.
When malware becomes widely available, it evolves and spreads. It's happening with the venerable Citadel Trojan now—formerly targeting banks, it's now seen in exploits against e-commerce site users, like Amazon customers. Expect similar transformation and repurposing of Carberp. Note, too, that a commodity version of Zeus source code is also out.
Thefts of a laptop in Tennessee and backup tape in Iowa compromise personal information.
Cisco, Facebook, and Ruby all patch vulnerabilities.
The PRISM affair continues to induce people to mull the nature of privacy, and the "I-have-nothing-to-hide" school of thought appears to be losing this war of ideas. General Alexander responds to Guardian PRISM reporting with an account of how NSA did in fact work to safeguard privacy. Russia beats the UK with a diplomatic stick crafted from GCHQ surveillance allegations. The architect of China's Great Firewall retires amid surprising obloquy.
Retired General Cartwright is formally notified he's the target of an investigation into Stuxnet leaks.
Notes.
Today's issue includes events affecting Algeria, Brazil, China, Ecuador, France, Germany, Iceland, India, Republic of Korea, Mauritania, Nigeria, Russia, South Africa, Spain, Turkey, United Kingdom, and United States.
Cyber Attacks, Threats, and Vulnerabilities
Four Years of DarkSeoul Cyberattacks Against South Korea Continue on Anniversary of Korean War (Symantec) Yesterday, June 25, the Korean peninsula observed a series of cyberattacks coinciding with the 63rd anniversary of the start of the Korean War. While multiple attacks were conducted by multiple perpetrators, one of the distributed denial-of-service (DDoS) attacks observed yesterday against South Korean government websites can be directly linked to the DarkSeoul gang and Trojan.Castov
South Korean Cyber Attack Targeted Unpatched Systems (CSO) On the anniversary of the start of the Korean War, the DarkSeoul cyber gang launched an orchestrated attack against a number of government sites and servers
Symantec links South Korean cyber attacks to DarkSeoul gang (Computer Business Review) A gang called the 'Dark Seoul Gang' is said to be behind the cyber attacks on South Korea four years ago, which coincided with the 63rd anniversary of Korean War, according to research conducted by US security software maker Symantec. North Korea was
New Disk Wiper Found in Korean Attacks (Symantec) Yesterday, Symantec published details about a new distributed denial-of-service (DDoS) attack carried out by a gang dubbed "DarkSeoul" against South Korean websites. We identified their previous attacks against South Korea, including the devastating Jokra attacks in March 2013 that wiped numerous computer hard drives at South Korean banks and television broadcasters. As a result of our continued investigations into attacks against South Korea, we have come across a new threat—detected as Trojan.Korhigh—that attempts to perform a similar wiping action
Malicious program enhances APT campaign against South Korea (SC Magazine) PinkStats, a downloader that spreads additional malware once it infects its target, has been repeatedly used in advanced persistent threat (APT) campaigns around the globe over the past four years, researchers have found
Anti-Wikileaks Hackers Claim Credit for DDoS Attack Against 'Russia Today' (Legal Insurrection) If you happened to read my prior post, you're aware by now that today was Day One in the Trial of Accused Wikileaker Bradley Manning. One of the sites that has been reporting on the trial and the ongoing protests by supporters of Bradley Manning is Russia Today. The site has long offered coverage that is, shall we say, favorable to Manning and Wikileaks
RedHack launches cyber attack on Istanbul Special Provincial Administration (Hurriyet Daily News) The Turkish hacker group Redhack announced early June 28 that they had hacked into
New Breed of Banking Malware Hijacks Text Messages (Cyberwarzone) Out of band authentication communicating with a customer outside of his mobile banking app to verify his identity or a specific transaction is a generally respected means of deflecting mobile banking fraud
Self-propagating ZeuS-based source code/binaries offered for sale (Webroot Threat Blog) Like every ecosystem, the cybercrime ecosystem has its own set of market disrupting forces whose applicability and relevance truly shape the big picture at the end of the day. For years, cybercriminals have been porting, localizing (MPack/IcePack, FirePack) and further contributing to the development of malware/crimeware/Web malware exploitation kits, either through direct cooperation with the original author of a particular release, or on the basis of leaked or commercially available source code
Fake Invoice Notification Malspam Uses Dropbox Link To Spread Malware (Trend Micro Threat Encyclopedia) The team received a mail sample recently, with the body of the mail written in Portuguese. Upon analysis, we discovered that the mail's FROM headers do not contain the same email domains and seem to be randomly generated. The mail's content talks about an issued invoice, and then goes on to ask the reader to click the link provided in the mail. The link, once clicked, would direct users to a legitimate dropbox link. The files that a customer would download after clicking the link are far from legitimate, instead being malware which is detected by Trend Micro as TROJ_BANLOAD.IMO
Data-slurping Facebook Graph Search flaw revealed (Help Desk Security) A mobile developer has discovered what he claims is a security vulnerability in the Facebook Graph Search that allowed him to automate the compilation of a list of some 2.5 million phone numbers
Opera got pw0n3d: But did you get pw0n3d too? (Internet Storm Center) Opera recently suffered a compromise to one of the servers it uses to distribute software updates. You probably read about the fact, that as part of this compromise an expired certificate was used to sign malicious software. This software was then distributed using Opera's update servers. Users checking for updates during the time the malicious software was live automatically downloaded and installed the software using Opera's automatic update feature
Spyware Hides Behind Stolen Opera Digital Certificate (TrendLabs Security Intelligence Blog) Opera recently disclosed that attackers compromised their network and stole at least one expired Opera code signing certificate. The attackers then used this certificate to sign their malware, which tricked the target system and (even) security software into thinking that the file was legitimate
Citadel Trojan variant delivers localized content, targets Amazon customers (Threatpost) With builders for the Citadel Trojan freely available on any number of underground criminal forums, it's no surprise to see some legs left in the malware despite a takedown of more than 1,400 Citadel botnets less than a month ago by U.S. law enforcement and Microsoft. A new variant has popped up in the last few weeks targeting not only banks and financial institutions, but social networks and ecommerce websites such as Amazon
One-click/key attack forces IE and Chrome to execute malicious code (Ars Technica) Minimal user interaction increases chances that social engineering will succeed. A researcher says he has uncovered a security weakness that can easily trick people into executing malicious code when they use the Microsoft Internet Explorer and Google Chrome browsers to visit booby-trapped websites
Foundations Recovery Network Admits Security Breach (eSecurity Planet) Patients' names, birthdates, addresses, phone numbers, Social Security numbers and medical information may have been exposed. Tennessee's Foundations Recovery Network (FRN) recently began notifying patients that a company laptop was stolen from an employee's home during a burglary in the early morning hours of June 15, 2013
Iowa Human Services breach places 8,000 personal records at risk (SC Magazine) The personal information of former patients and employees at the Mental Health Institute in Independence, Iowa, as well as workers at other state facilities, may have been exposed after a backup computer tape went missing
Sextortion Warning: Masking Tape Time For Webcams (InformationWeek) New worries for the always-connected crowd: Attackers may remotely activate your webcam -- without tripping the warning light -- and remotely record your every activity, public and private. Is it time to invest in some masking tape? For years, malware known as remote-access tools (RATs) have included the ability to surreptitiously activate microphones and webcams -- dubbed "camjacking" -- amongst other nefarious activities, such as sucking up all of your bank account details
Mobile USB Drive HD 1.2 Shell Upload (Packet Storm) Mobile USB Drive HD version 1.2 suffers from a remote shell upload vulnerability
Barracuda CudaTel Communication Server 2.6.002.040 XSS (Packet Storm) Barracuda CudaTel Communication Server version 2.6.002.040 suffers from multiple script injection vulnerabilities
PCMan's FTP Server 2.0 Buffer Overflow (Packet Storm) PCMan's FTP Server version 2.0 remote buffer overflow exploit that leverages USER and pops calc.exe
eFile Wifi Transfer Manager 1.0 LFI / XSS (Packet Storm) eFile Wifi Transfer Manager version 1.0 for iOS suffers from local file inclusion and cross site scripting vulnerabilities
Apache Santuario XML Security For C++ Heap Overflow (Packet Storm) The attempted fix to address CVE-2013-2154 introduced the possibility of a heap overflow, possibly leading to arbitrary code execution, in the processing of malformed XPointer expressions in the XML Signature Reference processing code. An attacker could use this to exploit an application performing signature verification if the application does not block the evaluation of such references prior to performing the verification step. The exploit would occur prior to the actual verification of the signature, so does not require authenticated content. Apache Santuario XML Security for C++ library versions prior to 1.7.2 are affected
Apple of discord (SecureList) As Apple's popularity grows, so does the desire among fraudsters to make money from the people who own the company's devices. The cybercriminals are aiming to steal Apple ID data which provides access to users' personal information stored in iCloud (e.g., photographs, contacts, documents, email, etc.) as well as to the purchases made in the company's iTunes Store. Many malicious users go further and try to steal bank card details used to pay for those purchases
Security Patches, Mitigations, and Software Updates
Cisco fixes Web, email, content security appliance vulnerabilities (ZDNet) The networking giant has fixed a number of vulnerabilities that could allow hackers to remotely execute commands or disrupt critical processes
SMS Account Hijack Exploit Fixed by Facebook (Threatpost) A vulnerability existed in Facebook that an attacker could have exploited via SMS in order to take complete control of any mobile-linked account on the world's largest social network
OpenSSL Man-in-the-Middle Flaw Fixed in Ruby (Threatpost) The maintainers of Ruby have fixed a serious flaw in its SSL client that could have allowed an attacker to conduct man-in-the-middle attacks by spoofing an SSL server
Cyber Trends
Debate: Software developers are not incentivized to improve security (SC Magazine) Experts from SilverSky and Adobe Systems debate on whether or not software developers are incentivized to improve security
Cyber Jihadists battle governments from south Algeria to Nigeria (Cyberwarzone) In Nouakchott, a dusty city wedged between the Atlantic ocean and western dunes of the Sahara, a young hip-hop fan coordinates a diverse group of hackers targeting websites worldwide in the name of Islam
We All Have Secrets (Forbes) Here is a chilling thought regarding the wholesale surveillance that much of the world has only recently discovered they are subject to. What happens to the legal underpinnings of commerce: trust and the expectation of confidentiality in communication
Technology and the death of privacy (Help Net Security) After the PRISM scandal broke, there were a lot of those who said "So what? I have nothing to hide", but I am convinced that they didn't do a lot of thinking before saying it
Researchers: Health IT creates its own 'reality' (FierceHealthIT) Electronic records create a third "reality" in healthcare--one beyond the patient's physical reality and the clinician's understanding of the issues and treatment--and yet another way to miscommunicate, according to a new study
Mobile malware prevalence expands, but privacy-abusing apps should be top of mind (SC Magazine) A new study has found that mobile malware soared by more than 600 percent over the past year, but one security researcher said users should be more concerned about a far likelier threat on their smartphones and tablets
Marketplace
Navy awards NGEN to incumbent HP Enterprise Services (FierceGovernmentIT) The Navy Department announced June 27 it awarded a $3.45 billion, 5 year contract to incumbent HP Enterprise Services for its Next Generation Enterprise Network information and communications technology contract
Entrepreneurs need not apply: Companies shun the self employed (Quartz) In this economy, some unlucky workers are getting snubbed—twice. Recession prompted millions of laid off workers and new graduates to jump into self-employment—some with enthusiasm and others with reluctance because they couldn't find anything better. Now, according to new research, it seems they aren't wanted back
Bruce Schneier joins EFF; stays with BT (Infosecurity Magazine) Schneier, author of Applied Cryptography, Secrets and Lies and other books, founder of Counterpane (now BT Managed Security Solutions), and designer of the Blowfish and Twofish encryption algorithms, has joined the board of EFF
Facebook pays $20K for easily exploitable flaw that could have led to account hijackings (Naked Security) UK researcher Jack Whitten found that a few easy back-and-forths with Facebook SMS updates on his mobile phone could let him reset passwords on others' accounts. Facebook gives him $20k for finding it
HP Wins $67 Million Spain Government Cloud Contract (InformationWeek) HP will migrate Catalonia's compute infrastructure and applications into an HP Enterprise Cloud facility
Lockheed Wins SBA Partnership Award (GovConExecutive) Lockheed Martin has won an award from the U.S. Small Business Administration to acknowledge the company's partnerships with small businesses, which Lockheed invested $6.4 billion in last year
Products, Services, and Solutions
Huawei's BYOD Solution Promotes Enterprise Mobile Revolution (InformationWeek) In 2012, over 20 percent of worldwide workers used their own personal devices in the office. Huawei showcases how embracing this new trend can improve productivity and make businesses more efficient
BinaryPig Uses Hadoop To Hunt For Patterns In Malware (Dark Reading) Malware analysis is an appropriate application of the techniques, because attackers are generating so many variants of their programs, as a way to dodge
Advanced threat detection from Cylance available for free (Help Net Security) The Cylance PrivateDETECT for endpoints is now ready for broad beta consumption as limited time freeware. Cylance's technological approach is to apply big math and science to security
Logicube® Sets a New Standard in Digital Forensics with Forensic Falcon (ForensicFocus) Logicube Inc. has announced the launch of a new forensic imaging solution, the Forensic Falcon. This new addition features imaging speeds of 20GB/min, images and verifies from 4 source drives to 5 destination drives and allows users to image to and from a network location. A unique feature of the Falcon is "Parallel Imaging" which allows the user to simultaneously perform two imaging tasks from the same source drive to multiple destinations using different imaging formats
Nuix Launches Two New Investigation Products (ForensicFocus) Nuix has launched two new products: a Nuix Investigator bundle and Nuix Investigator Lab. Both incorporate Nuix's powerful, reliable data collection, processing and investigation capabilities and are available at heavily reduced pricing for law enforcement and government investigative agencies in North America, the United Kingdom and the EMEA region
DFLabs Announces the Availability of PTK 3.0 Computer Forensic Software (ForensicFocus) DFLabs, a leading provider of IT GRC and Digital Data Breach Investigations technologies and services, today announced the release of v3.0 of DFLabs PTK Computer Forensic software. PTK Forensics is an advanced computer forensic framework based on command line tools from the OS forensic market space to which many new software modules were added. Thanks to this approach, users can investigate a system much easier, without spending huge money for less affordable software
Preview of Mobile Support on Magnet Forensics' Internet Evidence Finder™ (IEF) (ForensicFocus) Over the past year we have been asked many times if we would consider adding support for recovery of Internet related artifacts on mobile devices. After a great deal of research and development, we are pleased to announce that IEF will soon have support for recovering artifacts from mobile images/file system dumps
Nuix and Cellebrite announce technology partnership (ForensicFocus) Nuix, a worldwide provider of information management technologies, and Cellebrite, a global provider of mobile data extraction, decoding and analysis solutions, announced they have formed a technology partnership to leverage their complementary strengths in mobile forensics, investigation and eDiscovery. The alliance will enable forensic investigators, law enforcement, military and intelligence analysts and eDiscovery practitioners to efficiently incorporate forensically sound mobile device data into investigations and legal discovery procedures
AccessData introduces Forensic Toolkit (FTK) 5 (ForensicFocus) With this major release, AccessData brings an even faster and more comprehensive FTK capable of exposing more data in less time. FTK 5 includes data visualization and explicit image detection (EID) out of the box. These two critical investigative capabilities give FTK users a great advantage, compared to tackling these tasks with other products
Motorola Wireless Network Manager Gets DISA's OK (ExecutiveBiz) Motorola Solutions' wireless network security and infrastructure management solution has earned Defense Information Systems Agency certification
Bitdefender Internet Security 2014 (v17) (PC Advisor) New features this time start with what Bitdefender are calling their Photon technology, which they claim is "an innovative antivirus technology that accelerates scanning speed by gradually adapting to your PC". The suite now includes the Wallet, a
Duke Researchers Develop Tool to Protect User Passwords on Android (SecurityWeek) A group of researchers at Duke University have created a new tool designed to keep malicious applications from stealing user passwords from smartphones running Google Android
Technologies, Techniques, and Standards
Getting Real About Real-Time Security (SecurityWeek) I recently wrote in this space about the rise of the phrase "continuous monitoring" and the confusion it causes. In a nutshell, federal organizations, facing FISMA mandates, have very clear guidance on the meaning of the phrase. What they mean by it makes a ton of sense, but doesn't match what many people outside the Beltway think of first when they hear the term
FireEye: Malware attribution not key in cybercrime fight (ZDNet) The industry places too much emphasis on finding out the source of cyberattacks, which does little to improve the state of security. Instead resources should be invested in security innovation around mobile, social media and cloud
Email, Privacy, Strong Cryptography and the NSA Whistleblower (SYS-Con) Encryption is a broad term. Not all email encryption and methods of use are the same, in terms of privacy. There has been quite a buzz around the power of the alleged NSA eavesdropping considering the insights that the NSA Whistleblower, Edward Snowden, presented to the American public
Malware attackers leave behind digital clues (Infosecurity Magazine) Just as the science of fingerprints, DNA, and fiber analysis have become invaluable in criminal forensics, connecting the dots of an advanced cyber-attack can help identify even the most sophisticated threat actors – if researchers know what to look for
Parenting in the Information Age: A Practical Guide (Infosecurity Magazine) Research conducted in Hong Kong shows that blocking websites is no substitute for hands-on digital parenting. Former Hong Kong government CIO, Jeremy Godfrey, says governments should assist parents and teachers in getting up to speed, so they can help children have a positive and safe online experience
Design and Innovation
How the Rest of Us Can Build the Internet of Things (Wired) Ayla Networks isn't going after the cream of Silicon Valley with its cloud-based platform to connect everything from dog bowls to light switches to the internet. Instead, it is after everyone else
Marc Andreessen: Beijing Should Be Another Silicon Valley, But… (TechCrunch) Marc Andreessen, the Netscape co-founder and namesake behind venture capital firm Andreessen Horowitz, said that he's skeptical that efforts globally to recreate the Silicon Valley ecosystem will succeed. Even the most promising city and rival to the U.S.'s Silicon Valley, Beijing, faces lots of potential complications because laws around contracts aren't as straightforward as
Microsoft Understands Its Windows 8 Mistakes, Finally (InformationWeek) At Build conference, Microsoft CEO Steve Ballmer acknowledges that aspects of Windows 8 have bugged users -- and promises to address the issue
Research and Development
Energy Department Launches Initiative to Help Strengthen Cybersecurity (HPCwire) Led by the Energy Department in collaboration with industry experts, the Department of Homeland Security, and other stakeholders, the initiative will create a tool that allows owners and operators to assess their cybersecurity capabilities and
Academia
The most hated man on China's internet shouldn't expect any "get well soon" emails (Quartz) Most of the world has never heard of Fang Binxing, but the creator of the Great Firewall of China is all too familiar to Chinese internet users—and they really hate the guy. So when Fang, currently the president of Beijing University of Posts and Telecommunication, announced during the university's graduation ceremony that he was resigning, the reaction was brutally unkind
Legislation, Policy, and Regulation
Army restricts access to The Guardian in the wake of NSA leaks (Ars Technica) UK site blocked to prevent employees from accidentally accessing still-classified docs. On Thursday afternoon, The Monterey County Herald reported that the US Army was restricting access to the UK version of The Guardian's website. The Herald discovered yesterday that the site was blocked for military employees at the California-based Presidio of Monterey installation and confirmed today that the block was Army-wide
Russia, Turkey angered after report says U.K. hacked phone conversations, emails and bugged cafe at 2009 G-20 summit (National Post) A newspaper report that British eavesdropping agency GCHQ repeatedly hacked into foreign diplomats' phones and emails has prompted an angry response from traditional rival Russia and provoked demands for an investigation from Turkey and South Africa
The U.S. Senate Wants to Control Malware Like It's a Missile (Foreign Policy) The Senate Armed Services Committee wants to get control of those pesky cyber weapons that are available for purchase by just about anyone by establishing an arms control regime along the lines of what's done for missiles, tanks, and fighter jets
How The NSA Is Still Harvesting Your Online Data (Business Insider Australia) A review of top-secret NSA documents suggests that the surveillance agency still collects and sifts through large quantities of Americans' online data – despite the Obama administration's insistence that the program that began under Bush ended in 2011
Details Emerge On NSA's Now-Ended Internet Program (Wall Street Journal) Newly divulged documents confirm that the National Security Agency collected vast amounts of "metadata" about domestic Internet and email use, beginning under the Bush administration and continuing into the Obama presidency
Report: NSA collected U.S. email records, Internet use for years (CSO) The Bush White House authorized the NSA to collect US records following the 9/11 attacks, documents show. The U.S. National Security Agency collected the email and Internet use records of some U.S. residents for about a decade following the 9/11 terrorist attacks, according to documents published Thursday by the U.K. newspaper the Guardian
Surveillance Aided 54 Cases, NSA Says (Washington Post) Gen. Keith B. Alexander, the director of the National Security Agency, provided new details Thursday about the extent to which the government believes its sweeping surveillance powers have led to the disruption of terrorist plots or the arrest of suspects
Snowden Leaks Delay US Anti-Hacking Law Favored by Verizon (Businessweek) Legislation to give Verizon Communications Inc. (VZ) and Google Inc. (GOOG) legal protection for sharing cyber-attack information with the U.S. government has stalled after leaks about spy programs showed the companies are already turning over data
FTC's 'Reclaim Your Name' alone won't rein in data brokers, experts say (CSO) Voluntary program welcomed, but advocates would like to see the agency do more with the authority it has to guard consumer privacy online
NSA Chief on Email Collection: NSA Deleted Data, Wanted to Protect Privacy (ABC News) Alexander spoke at the Armed Forces Communications and Electronics Association's International Cyber Symposium–sponsored in part by Booz Allen Hamilton and Verizon–at the Baltimore Convention Center, before about 600 cyber-industry and military
US defence chief rejects Chinese cyber snooping comparison (The Age) The top US military officer on Thursday dismissed comparisons of Chinese and American snooping in cyber space, saying all countries gathered intelligence on their potential adversaries but Beijing's problematic "niche" was intellectual property theft
Battle of the Clipper Chip (New York Times) On a sunny spring day in Mountain View, Calif., 50 angry activists are plotting against the United States Government. They may not look subversive sitting around a conference table dressed in T-shirts and jeans and eating burritos, but they are self-proclaimed saboteurs. They are the Cypherpunks, a loose confederation of computer hackers, hardware engineers and high-tech rabble-rousers
Official Describes Joint Information Environment Blueprint (Department of Defense) Ronnie D. Hawkins Jr. expressed confidence that DISA -- working with U.S. Cyber Command, the National Security Agency and the services -- can offer enhanced cyber and warfighter command and control capabilities with a single security architecture
US Defense Dept. Readies Elements Crucial To Cyber Operations (Eurasia Review) Hard work by the administration, the services and the leadership at U.S. Cyber Command is putting in place elements crucial to defending U.S. and allied interests in cyberspace, the deputy assistant secretary of defense for cyber policy said in a
Dempsey: China Doesn't Think Cyber Theft is Wrong (DefenseNews.com) Part of the work to bolster US capabilities has been the establishment of US Cyber Command (CYBERCOM) in 2010, a sub unified command under US Strategic Command (STRATCOM) led by Gen. Keith Alexander, who also leads the National Security
Pentagon Is Updating Conflict Rules In Cyberspace (New York Times) The Pentagon is updating its classified rules for warfare in cyberspace for the first time in seven years, an acknowledgment of the growing threat posed by computer-network attacks and the need for the United States to improve its defenses and increase the nimbleness of its response, the nation's top military officer said Thursday
US Army Reviews Rules of Engagement over Cyber Threat (SecurityWeek) The US military is reviewing its rules of engagement to deal with the growing threat of cyber crime, military chief Martin Dempsey said Thursday. Dempsey, the Chairman of the Joint Chiefs of Staff, the highest-ranking officer in the US military, said the review was in response to soaring cyber attacks
Police notebooks to be replaced by smartphones as justice system goes digital (The Telegraph) Police notebooks are to be replaced by smartphones and all court documents are to be presented on screen in a move to fully digitalise the criminal justice system
UK authorities launch crime unit to tackle online piracy (VentureBeat) Can't wait to watch Brad Pitt face off against a Zombie pandemic? You'll have to shell out for a movie ticket, as torrent sites may soon be a thing of the past
Litigation, Investigation, and Law Enforcement
Four-Star General Is Targeted In Leak Probe (Washington Post) A retired four-star Marine Corps general who served as the nation's second-ranking military officer is a target of a Justice Department investigation into a leak of information about a covert U.S.-Israeli cyberattack on Iran's nuclear program, a senior Obama administration official said
Report: U.S. general under investigation for Stuxnet leak (CSO) Retired Marine Gen. James Cartwright was formerly a vice chairman of the Joint Chiefs of Staff. A former high-ranking U.S. military official is reportedly under investigation for leaking classified information related to the use of malicious software to disrupt Iran's uranium refinement program
Snowden's father says former contractor may return if conditions met (Reuters) The father of former U.S. spy agency contractor Edward Snowden said in an interview that while he has not had recent contact with him, he is reasonably confident
Snowden has much more info, says Assange (Sydney Morning Herald) On June 12, Mr Snowden told the South China Morning Post that his position at the intelligence contractor Booz Allen Hamilton had granted him "access to lists of machines all over the world the NSA hacked". He revealed specific institutions in Hong Kong
US sources claim China and Russia got access to Snowden's computers (Russia Today) Snowden, a 30-year-old former employee of intelligence contractor Booz Allen Hamilton, fled the US for Hong Kong last month and then supplied journalists with classified information pertaining to vast surveillance operations conducted by the American
SC dismisses PIL on US snooping (Hindustan Times) The Supreme Court on Thursday refused to entertain a PIL seeking direction to the government to initiate action against Internet companies involved in sharing Internet data from India with US' National Security Agency. The apex court said it cannot
Snowden: A tale of security lapses and other US errors (Chicago Tribune) Here are some key areas of concern that have emerged following the leaks by Snowden, who most recently worked as a contractor for the U.S. National Security Agency: 2011 BACKGROUND CHECK Snowden's 2011 background investigation, to renew his
Obama says US won't negotiate for Snowden's return as Ecuador ends trade ties (Washington Post) The whereabouts of Edward Snowden, the former National Security Agency contractor who publicized secret documents describing U.S. surveillance and intelligence operations earlier this month, remain uncertain. According to Russian authorities, Snowden
The Criminal N.S.A. (New York Times) The twin revelations that telecom carriers have been secretly giving the National Security Agency information about Americans' phone calls, and that the N.S.A. has been capturing e-mail and other private communications from Internet companies as part of a secret program called Prism, have not enraged most Americans. Lulled, perhaps, by the Obama administration's claims that these "modest encroachments on privacy" were approved by Congress and by federal judges, public opinion quickly migrated from shock to "meh."
Teenage WikiLeaks volunteer: Why I served as an FBI informant (Ars Technica) Sigurdur Thordarson got $5,000 for handing over 1TB of WikiLeaks data. A young Icelandic boy's journey as an informant all began with a cryptic e-mail sent to the United States Embassy in Reykjavík
FSB illegally obtained the conversation from Facebook between Vrublevsky and Kurochkina (Cyberwarzone) During the hearing in Tushino court correspondence taken from Facebook was attached to criminal case materials. The text of this conversation that belongs to Pavel Vrublevsky who is accused in regard with the criminal case on DDoS-attack towards Aeroflot and witness Anastasia Kurochkina was obtained as a result of unauthorized special investigation activities. The court allowed only coulisse from technical communication channels that is official coulisse of documents where the protocol of coulisse had to be made. "However, experts from Information Security Center of FSB, ignoring the international conventions and agreements, illegally obtained necessary data using SIA. The above was reported in the letter to Tushino District Court of Moscow, having referred that such data can't be obtained legally" - stated lawyer Pavel Zaytsev
For a complete running list of events, please visit the Event Tracker.
Upcoming Events
ShakaCon (Honolulu, Hawaii, USA, Jun 25 - 28, 2013) This is the fifth year this "laid back security conference in paradise" is being held. Some solid presentations and training on malware analysis and penetration testing. After all, what could be better than "sun, surf, and C Shells?" There are intensive training classes on hacking mobile apps and even lock picking (the set of tools is included in the class registration).
American Technology Awards Technology and Government Dinner (Washington, DC, USA, Jun 30, 2013) TechAmerica Foundation hosts its Eleventh Annual Technology and Government Dinner at the Ronald Reagan Building in Washington DC. The dinner continues to serve as the premier Washington, DC technology networking event bringing hundreds of tech industry, congressional, and government leaders together at one venue to celebrate the partnership between industry and government.
QUESTnet 2013 Conference (Gold Coast, Queensland, Australia, Jul 2 - 5, 2013) Queensland Education, Science and Technology Network (QUESTnet) is the Queensland regional component of the Australian Academic and Research Network (AARNet). The QUESTnet conference is an annual event aimed at ICT professionals who work closely with network technologies. A key focus of the event is to provide an opportunity for delegates to develop their professional and technical knowledge and to gain an appreciation of key strategic issues underpinning the development, deployment and maintenance of national and international telecommunications networks. The theme for this year's conference is "Clouds: In our way or enabling change?" The sub theme is "Adopting and Adapting to a new paradigm for supporting Research and Education".
Digital Forensics and Incident Response Summit (Austin, Texas, USA, Jul 9 - 10, 2013) The 6th annual Forensics and Incident Response Summit will again be held in the live musical capital of the world, Austin, Texas. The Summit will focus on high quality and extremely relevant content as well as panel discussions in Digital Forensics and Incident Response. The 2013 theme is currently in development as the digital forensics and incident response community is constantly evolving and our content promises to be cutting-edge and relevant to ensure you will be able to utilize the ideas presented when you return to your organization.
London Summer 2013 (London, England, UK, Jul 9 - 16, 2013) SANS London Summer takes place at the London Marriott Hotel Kensington and gives security professionals the opportunity to take one of four of SANS's most popular 6-day courses and the 2-day "Securing The Human" course.
GovConnects Business Breakfast: "Secured Space." What It Is - Who Has It - Who Needs It (UMUC, Dorsey Station, Elkridge, Jul 10, 2013) With today's Cyber threats, all businesses, institutions and the general public are at risk as never before. Learn about the latest technologies, measures and solutions being used today and into tomorrow to protect your intellectual property.
3rd Cybersecurity Framework for Critical Infrastructure Workshop (San Diego, California, USA, Jul 10 - 12, 2013) NIST is inviting cybersecurity experts, industry and academia from across the nation to attend one of its regional workshops at UC San Diego to identify, refine and guide the many interrelated considerations, challenges and efforts needed to build this framework.
cybergamut Technical Tuesday: Remote Digital Forensics (Columbia, Maryland, USA, Jul 16, 2013) 'The remote control changed our lives. The remote control took over the timing of the world. Within three seconds, click, click, click. So can we do remote forensics?' Ken Zatyko of Assured Information Security will present results of a study into this question, including a look at related research and a trade study of the current state of the digital forensics industry. If you are interested in triage, validation, high speed networks, forward analysis, agents, and cloud computing this presentation is for you.
Mobility Solutions for the Federal Market (Falls Church, Virginia, USA, Jul 16, 2013) With the improvements in mobile technology, smart phones and tablets, DOD, DHS and Civilian agencies have an opportunity to improve their service delivery models and the programs that serve their constituents. In order to accomplish this, Agencies across all branches of government must understand how and where mobile technology can be leveraged, where it's already being successfully leveraged to improve service delivery, and identify the areas of improvement necessary within their agency or program to ensure today's workforce is leveraging mobile technology to help their agency accomplish their goals. Join us at this highly interactive July 16th Potomac Officers Club Mobility Summit where our speakers will be addressing strategic issues.
2013 World Comp (Las Vegas, Nevada, USA, Jul 22 - 23, 2013) 2200 leading researchers, academics, and executives from government, academia and industry will come together at this annual event which facilitates communication among researchers in different fields of computer science, computer engineering, and applied computing.
Black Hat 2013 (Las Vegas, Nevada, USA, Jul 27 - Aug 1, 2013) Black Hat USA is a major international security conference, featuring learning, networking, and skill-building. Sessions include training, briefings, technical presentations, and more.
SECRYPT 2013 (Reykjavik, Iceland, Jul 29 - 31, 2013) The 10th International Conference on Security and Cryptography (SECRYPT 2013) will take place from 29 to 31 July 2013 in Reykjavik, Iceland…The conference will focus on information systems and network security, including applications within the scope of knowledge society in general and information systems development in particular, especially in the context of e-business, internet and global enterprises. It will bring together researchers, mathematicians, engineers and practitioners interested in security aspects related to information and communication.