Cyber Attacks, Threats, and Vulnerabilities
NSA Snooping Scandal: US Spied and 'Conducted Cyber-Attack' Against EU (IBTimes.co.uk) The most chilling claim in the secret report from 2010 is that Brussels was subjected to a cyber-attack at its offices in New York and Washington, which was later traced back to a Nato building used by US officials. Papers suggest US spies eavesdropped
US reportedly bugged EU offices, computer networks (ABC Online) The allegations are based on a "top secret" document from the National Security Agency (NSA), dated September 2010, that was allegedly stolen by fugitive Edward Snowden. The document, which has been seen in part by Der Spiegel journalists, is said to
Attacks from America: NSA Spied on European Union Offices (Der Spiegel) America's NSA intelligence service allegedly targeted the European Union with its spying activities. According to SPIEGEL information, the US placed bugs in the EU representation in Washington and infiltrated its computer network. Cyber attacks were also perpetrated against Brussels in New York and Washington
Europeans Demand Answers Over Alleged US Bugging (SecurityWeek) The European Union angrily demanded answers from the United States on Sunday over allegations Washington had bugged its offices, the latest spying claim attributed to fugitive leaker Edward Snowden
European officials slam US over bugging report (Cyberwarzone) Senior European officials expressed concern Sunday at reports that U.S. intelligence agents bugged EU offices on both sides of the Atlantic, with some leftist lawmakers calling for concrete sanctions against Washington
Around 100000 members of Korea's presidential office site hacked (Arirang News) We reported earlier last week that the website of Korea's presidential office of Cheong Wa Dae came under a cyber-attack on Tuesday and on this Sunday, new reports show that personal information of around 100-thousand Cheong Wa Dae website
Research sheds light on "Dark Seoul" sabotage gang (SC Magazine) Over the past four years a politically motivated group has targeted companies, mostly in South Korea, by planting trojans capable of wiping data, shuttering websites through distributed denial-of-service (DDoS) attacks and stealing sensitive corporate information
Anonymous attack on South Korea presidential site & massive data leak (Cyberwarzone) Personal information from roughly 100,000 people was leaked in a recent hacking attack on the presidential office, a presidential official said Sunday, in the first confirmed data leakage involving the top South Korean office
University of Neoliberal Arts & REDNET Institute Brasil Hacked, Accounts Leaked (Hack Read) The hackers from NullCrew are back in news with their latest attack, this time the crew has attacked the official website of University of Neoliberal Arts and a Brazilian based technology institute REDNET. The hack was announced by the hackers on their official Twitter account which shows 146 accounts from University of Neoliberal Arts and around 1000 accounts
University of South Carolina Acknowledges Security Breach (eSecurity Planet) More than 6,000 students' names, e-mail addresses and Social Security numbers may have been exposed
HTTPS Side-Channel Attack A Tool For Encrypted Secret Theft (Dark Reading) Researchers to release details on how SSL vulnerability gives attackers ability to steal everything from OAuth tokens to PII through an enterprise app in just 30 seconds. A new side channel vulnerability in HTTPS traffic could make it possible for targeted attackers to dig up secrets like session identifiers, CSRF tokens, OAuth tokens, and ViewState hidden fields without users ever being the wiser, say researchers who will explain how the attack could work at this year's Black Hat
How cybercriminals create and operate Android-based botnets (Webroot Threat Blog) On their way to acquire the latest and coolest Android game or application, end users with outdated situational awareness on the latest threats facing them often not only undermine the confidentiality and integrity of their devices, but also, can unknowingly expose critical business data to the cybercriminals who managed to infect their devices
Blackhole Exploit Kit Campaign Takes Interest in Pinterest (TrenLabs Threat Encyclopedia) Pinterest has actively been used in different spam campaigns in the past - from basic phishing to complicated spam techniques incorporating salad words and invisible ink. Blackhole Exploit Kit (BHEK) spam campaigns have also been known to us for quite some time. BHEK spam campaigns are known to use popular brand names and websites to lure users
TSPY_FAREIT.ACU (TrendLabs Threat Encyclopedia) This malware guises as an Opera update. Cybercriminals behind this threat stole an outdated Opera digital certificate, which they used to sign this malware
Malwarebytes finds Malware Pretending to be Emulator of Xbox One (SpamfighterNews) Malwarebytes the security company says that its researchers have found one malware that pretends to be an emulator of the movie-game Xbox One, while dupes gamers keenly looking forward to the forthcoming online games console such that they'll download the malware
Anatomy of a browser trick - you've heard of "clickjacking", now meet "keyjacking"… (Naked Security) An Italian security researcher has rediscovered a trick known as user interface redressing
Several Flaws Discovered in ZRTPCPP Library Used in Secure Phone Apps (Threatpost) A security researcher has uncovered a number of serious vulnerabilities in one of the core security components of several secure telephony applications, including the Silent Circle system developed by PGP creator Phil Zimmermann. The vulnerabilities in the GNU ZRTPCPP library already have been addressed in a new version of the library and Silent Circle has implemented a fix, as well
Facebook's outmoded Web crypto opens door to NSA spying (CNET) It's relatively easy for the National Security Agency's spooks to break outdated Web encryption after vacuuming up data from fiber taps, cryptographers say. But Facebook is still using it
Cyber Attacks Targeted Key Components of Natural Gas Pipeline Systems (SecurityWeek) Attackers Used Brute Force Attacks Against Internet-Facing Controls Systems at Gas Compressor Stations. In its latest monthly report designed to promote preparedness, information sharing, and collaboration across infrastructure sectors, The Department of Homeland Security's ICS-CERT publicly revealed information on a series of attacks that targeted gas compressor station operators earlier this year
Opera developers explain why malicious "update" wasn't detected (Help Net Security) Opera Software has finally come out with more details about the recent compromise of its internal infrastructure, the theft of an expired code signing certificate, and the delivery of malware signed
IE, Chrome Browser Attack Exploits Windows PCs (InformationWeek) Microsoft says the social-engineering vulnerability, which uses "pop-under" browser notifications and a fake Captcha, isn't a Windows bug
Security Patches, Mitigations, and Software Updates
Microsoft Moves To Weekly Software Updates (InformationWeek) Microsoft aims to match competitors with weekly updates to Office, Outlook and other Windows 8 apps beginning later this year
Cisco issues IronPort patch (The Register) Vuln exposed systems to remote crash, takeover. Cisco has issued a patch for vulnerabilities that exposed its IronPort AsyncOS software for the Cisco e-mail security appliance to cover denial-of-service and command injection problems
Cyber Trends
Britain: Cyber-Attacks on 'Industrial Scale' Steal Business Secrets (IBTimes.co.uk) Though GCHQ has not attributed attacks to any specific foreign intelligence service, the United States previously implicated China in cyber-attacks against American businesses. China, Saudi threat. In a recent annual report to US Congress, The Pentagon
Cyber Threat is Real and Mobile (Mobile Enterprise) The company works with the U.S. Central Command and the Department of Homeland Security among other agencies. "The way we view cyber -- and it's disturbing to some -- but cyber is not tangible," he said. The U.S. military covers sea, air, land and
Complacent staff weak link in combating cyber criminals (Financial Times) Many companies - like the world's superpowers - are loathe to admit explicitly just how much data they have collected and would be embarrassed to own up to a cyber attack. Governments are working to encourage more disclosure to help to form a united
Is The Internet Worth It? (Washington Post) So much depends on the Internet that its vulnerability to sabotage invites doomsday visions of the breakdown of order and trust. In a report, the Defense Science Board, an advisory group to the Pentagon, acknowledged "staggering losses" of information involving weapons design and combat methods to hackers (not identified, but probably Chinese). In the future, hackers might disarm military units
5 Tech Trends that Explain the Evolution of Online Threats (Zeltser) Information security professionals need to keep an eye on the always-evolving cyber threat landscape. Accomplishing this involves understanding how changes in people's use of technology influence the opportunities and techniques pursued by criminals on-line. Below are 5 tech trends that have affected the evolution of threats
DHS Report: Energy Sector Now a Bigger Target for Cyber Attackers (Wall Street Journal) The energy sector is reporting an enormous increase in the number of attempted cyber attacks in 2013, according to a new report from the Department of Homeland Security. Some of the new attempted attacks have included the industrial control systems of
Abuse of mobile app permissions (Help Net Security) McAfee Labs found that under the camouflage of "free" apps, criminals are able to get consumers to agree to invasive permissions that allow scammers to deploy malware. The permissions in free apps
Most Internet users have fallen victim to malware (Help Net Security) The current state of cyber-security has left US Internet users anxious about hacks and password theft. Despite constant victimization, the majority are not using two-factor authentication and are left
Marketplace
Global Cyber Crowd Convenes in Maryland (DBED) Last month, 200 cybersecurity executives from the U.S., Canada and the U.K. gathered in Annapolis for Cross Tech, a two-day conference at which attendees discussed cyber solutions and showcased collaborations in information assurance between the private and public sectors. Cyber executives from Canada and the U.K. were also given the opportunity to present their technologies and companies to U.S. experts in hopes of developing international connections, partnerships and business opportunities
Palantir is helping California police develop controversial license plate database (The Verge) According to the report, the company is party to a $340,000 contract to build the new infrastructure. The project is being spearheaded by the Northern California Intelligence Research Center -- an office set up after the 9/11 terror attacks to enable
Raytheon acquires Visual Analytics, a Maryland-based analytics business (Government Security News) As one of the largest processors of data for the intelligence community, Raytheon has extensive experience handling large data sets and providing actionable information to its customers. The acquisition of Visual Analytics, of Frederick, MD, will add
Oracle's Week Of Mega Deals Leaves Questions (InformationWeek) As Salesforce.com CEO Marc Benioff heaps compliments on Larry Ellison, what's the future for Oracle cloud apps, Force.com
Products, Services, and Solutions
Apple gains FIPS 140 level 2 cryptographic compliance for A4, A5 chips (The Next Web) According to the definitions provided by Certicom, "IPS 140-2 Validation is required for sale of products implementing cryptography to the Federal Government. If you don't have FIPS 140-2 Validation for your product, and can't show that you are going
Procera Networks to Showcase Dynamic LiveView at QUESTnet 2013 (MarketWatch) Procera Networks, Inc. (NASDAQ:PKT) , the global network intelligence company, today announced it will
Machine-Learning Project Sifts Through Big Security Data (Dark Reading) As the volume of data created by security and network devices multiplies, researchers look for ways to teach computer to better highlight attack patterns. As an information-security consultant, Alexandre Pinto spent 12 years helping companies set up difficult-to-configure systems to cull security intelligence from logs and security events
Iran introduces domestically-made antivirus Padvish (Trend) Iranian engineers have managed to develop an antivirus which can compete with foreign rivals, the Mehr News Agency reported
Explore, analyze and visualize data in Hadoop (Help Net Security) Splunk announced the beta version of Hunk: Splunk Analytics for Hadoop, a new software product that integrates exploration, analysis and visualisation of data in Hadoop. Hunk drives improvements
Bitdefender's Total Security 2014 now faster, adds password manager (PC Authority) Antivirus Plus, Internet Security and Total Security all now include Bitdefender's new Photon technology, which it's claimed "tailor-fits to each user's computer for fast scanning, a quicker boot time, smooth interaction with apps and the same award
Google boosts BYOD management features for Android devices (FierceMobileIT) Google (NASDAQ: GOOG) announced Thursday that it is adding a number of BYOD management features to Android devices, including selective wipe and Wi-Fi configuration capabilities
An HP smartphone is in the works, says director (Ars Technica) Android? webOS? Firefox OS? Jolla? HP's allegiance is yet to be declared
Technologies, Techniques, and Standards
Certifying Forensics for Information Security (eSecurity Planet) As threats and breaches continues to grow, there is a need for a new type of certified professional. In the fight to help secure and remediate modern security risks, there is need for a host of professionals with the certified skills to get the job done. But what happens when there is no certification
NIST Cybersecurity Framework (Internet Storm Center) The NIST has published a voluntary framework to reduce cyber risk to critical infrastructure as a result of a directive inside the President's execute order for improving critical infrastructure cybersecurity
A smarter approach to defend against advanced persistent threats (SC Magazine UK) Layered security is still needed, but now you must look to new forms of malware analysis. Malware analysis involves both static and dynamic techniques
Can you trust your online backup service? (Help Net Security) While having lots of digital storage space at your physical location may be cheap nowadays, it's also very useful to have offsite backups - not only in the event of a major natural disaster or theft
Google offers tips on Wi-Fi security (FierceCIO: TechWatch) In a new post titled "Securing your Wi-Fi network" on Google's official blog, technical program manager John Munoz offered a number on tips what home users can do to improve their Wi-Fi security. Though directed at consumers, these suggestions can also be useful to wireless networks deployed within businesses, especially for branch or remote offices that may employ a more simplistic infrastructure
Lotus F1 builds a secure, reliable network (Infosecurity Magazine) While the Lotus F1 Team prepares for the British Grand Prix at Silverstone this weekend, Infosecurity talked to its CIO about the network and security demands in a very unusual business
Password complexity rules more annoying, less effective than length ones (Ars Technica) Long-length rule results in harder-to-crack passwords than a short/complex one. Few Internet frustrations are so familiar as the password restriction. After creating a few (dozen) logins for all our Web presences, the use of symbols, mixed cases, and numbers seems less like a security measure and more like a torture device when it comes to remembering a complex password on a little-used site. But at least that variety of characters keeps you safe, right? As it turns out, there is some contrary research that supports both how frustrating these restrictions are and suggests it's possible that the positive effect of complexity rules on security may not be as great as long length requirements
Design and Innovation
This might be the dorkiest security advice we've seen (VentureBeat) Symantec has put together perhaps the dorkiest security advice: an entire comic strip on how Shadow IT affects a business. And it reads like an 80s after-school special. We kind of love it
Research and Development
Is It the Dawn of the Encryption App? (Mashable) Amidst prying eyes, a small but growing group of hackers and programmers is working on applications that use cryptography -- the science of creating techniques to hide data and render it readable only to intended recipients -- to fight surveillance and
Wi-Vi: Seeing through walls with Wi-Fi signals (Help Net Security) Two MIT researchers have created Wi-Vi, an experimental system that uses Wi-Fi signals to track moving objects - usually people - behind a wall and in closed rooms. The system works on the same
Academia
St. Philip's earns NSA designation for cyber-security curriculum (San Antonio Business Journal) National Security Agency and Department of Homeland Security officials upgraded St. Philip's College's cyber-security program as a National Center of Academic Excellence in Information Assurance. St. Philip's College offers both online and on-campus
Legislation, Policy, and Regulation
Joint Chiefs Chair Talks Security at Brookings (Threatpost) General Martin Dempsey, Chairman of the Joint Chiefs of Staff, made clear yesterday in a speech to the Brookings Institution that the military, government, and private sector each has a role to play in hardening the U.S. against cyberattacks
Hayden: Open spy programs to reassure US public (MiamiHerald.com) The former director of the CIA and National Security Agency says the government should release more information about its secretive surveillance programs to reassure Americans that their privacy rights are being protected. Michael Hayden
US senators demand to know from Clapper extent and benefits of spy program (PCWorld) A group of 26 U.S. senators, cutting across party lines, are seeking "public answers" on whether the National Security Agency collected in bulk other data such as credit card purchases and financial information in the U.S. besides phone records
Ex-US spy agency chief wants controls on unchecked data access (Chicago Tribune) Former National Security Agency director Mike McConnell, who now works for defense contractor Booz Allen Hamilton, said people employed to sift through classified government data should not have solo access to the information
Spying on Allies (Lawfare) The emerging controversy about the USG spying on European allies brings to mind the ECHELON controversy a dozen years ago. (FAS has a page that collects information on ECHELON.) ECHELON was a signals intelligence collection program (or programs) by the USG and its anglophile allies. Its means and scope were always uncertain, but it involved large-scale collection, including in Europe. According to the European Parliament report on the topic, ECHELON had the global capacity "to intercept any telephone, fax, Internet or e-mail message sent by any individual and thus to inspect its contents"
E.U. Angry Over Spying Allegations (Washington Post) European leaders reacted with fury Sunday to allegations in a German newsmagazine that the United States had conducted a wide-ranging effort to monitor European Union diplomatic offices and computer networks, with some saying that they expected such surveillance from enemies, not their closest economic partner
EU Warns Trade Deal Under Threat Over US Bugging Claims (SecurityWeek) A long-awaited trade deal between the European Union and the United States could be in jeopardy over allegations that Washington bugged EU offices, European Justice Commissioner Viviane Reding warned on Sunday
Snowden's Leaks Cloud U.S. Plan to Curb Chinese Hacking (Bloomberg) The Obama administration's strategy for confronting China over the theft of commercial technology has been battered by Edward Snowden's disclosures of U.S. spying, leaving officials rushing to salvage a plan they crafted in secret over the past two years
NSA Surveillance Prompts Several Bills But Little Action In Congress (Huffington Post) In the three weeks since Edward Snowden revealed the National Security Agency's widespread surveillance programs, the legislative response to his revelations on Capitol Hill has slowed to a glacial pace and public obsession has
Outcry over PRISM spying delays CISPA and other cyber bills from moving forward (The Verge) But those bills, including the controversial Cyber Intelligence Sharing and Protection Act (CISPA), look like they will be spending even more time in legislative limbo. Bloomberg news reports today that House and Senate lawmakers are holding back on
Misinformation on classified NSA programs includes statements by senior US officials (Washington Post) Amid the cascading disclosures about National Security Agency surveillance programs, the top lawyer in the U.S. intelligence community opened his remarks at a rare public appearance last week with a lament about how much of the information being
A Trail Of Inaccuracy About NSA Programs (Washington Post) U.S. officials have parsed, hedged and misstated facts
Give it up; the National Security Agency knows everything … EVERYTHING (StandardNet) If there's one positive thing to come out of the NSA-surveillance scandal, it's that so many Americans consider it outrageous. Apparently, most of the public honestly believed the government wasn't already spying on all of us all the time
Why Obama Was Never Going To Be A Civil Liberties Champion (TechCrunch) Barack Obama was never going to be a champion of civil liberties; he leads a very old and quickly growing strain of the Democratic party that prioritizes the collective good over individual rights. This coercively inclusive worldview feels that every business, government agency, country, and citizen has an obligation to contribute to the greater good
How a 30-year-old lawyer exposed NSA mass surveillance of Americans--in 1975 (Ars Technica) Project SHAMROCK allowed the NSA to intercept telegrams sent by US citizens.US intelligence agencies have sprung so many leaks over the last few years--black sites, rendition, drone strikes, secret fiber taps, dragnet phone record surveillance, Internet metadata collection, PRISM, etc, etc--that it can be difficult to remember just how truly difficult operations like the NSA have been to penetrate historically. Critics today charge that the US surveillance state has become a self-perpetuating, insular leviathan that essentially makes its own rules under minimal oversight. Back in 1975, however, the situation was likely even worse. The NSA literally "never before had an oversight relationship with the Congress." Creating that relationship fell to an unlikely man: 30 year old lawyer L. Britt Snider, who knew almost nothing about foreign intelligence
The NSA's early years: Exposed! (Salon) "One of the gravest crises in the history of American cryptanalysis," writes historian Colin Burke, led directly to the 1949 mergingof the SIS and OP-20-G
Why the US doesn't use cyber-weapons to attack its enemies more often (Quartz) Mike McConnell, vice chairman at government contractor Booz Allen Hamilton and former head of the National Security Agency and US director of National Intelligence, says the US has the best capabilities in the world for cyber-attacking and "can do some
"Cyber Attack on the US Could be Met with Conventional Military Response" (Defense Update) Three types of teams will operate around the clock at Cyber Command, Dempsey said. National mission teams will counter adversary cyberattacks on the United States. A second and larger set of teams will support combatant commanders as they execute
US spy device 'tested on NZ public' (Cyberwarzone) A high-tech United States surveillance tool which sweeps up all communications without a warrant was sent to New Zealand for testing on the public, according to an espionage expert. The tool was called ThinThread and it worked by automatically intercepting phone, email and internet information
India's new surveillance network will make the NSA green with envy (Quartz) India doesn't seem to worry that the surveillance scandal recently rocking the US might perturb its own citizens. The country is going ahead with an ambitious program that will let it monitor any one of its 900 million telecom subscribers and 120 million internet users
Turkey heads for Twitter showdown after anti-government protests (The Guardian) Government asks Twitter to set up 'representative office' inside Turkey in move that could presage censorship of service
SAF beefs up capabilities to quash cyber threats (AsiaOne) Although more details of the Cyber Defence Operations Hub were not revealed, Mr David Siah, Trend Micro Singapore's country manager, said today's cyber attacks extend beyond delivering malware, to establishing lasting footholds inside networks
Litigation, Investigation, and Law Enforcement
Encryption Has Foiled Wiretaps for First Time Ever, Feds Say (Wired) Encryption for the first time is thwarting government surveillance efforts through court-approved wiretaps, U.S. officials said today. The disclosure, buried in a report by the U.S. agency that oversees federal courts, also showed that authorities armed with wiretap orders are
Biden asks Ecuador's president to reject NSA leaker Edward Snowden's asylum (Minneapolis Star Tribune) Vice President Joe Biden has asked Ecuador to turn down an asylum request from National Security Agency leaker Edward Snowden, the country's president said Saturday. Rafael Correa, in a weekly television address, offered little
Snowden In Limbo As Options Narrow (Wall Street Journal) As Edward Snowden entered his second week of limbo in Moscow's airport on Sunday, his decision to go to Russia is looking riskier than it first appeared, and may have left him in a worse situation than if he had stayed in Hong Kong
Snowden's Fate Is Up To Russia, Ecuador Says (New York Times) President Rafael Correa said Sunday that while there were weighty arguments for granting asylum to the fugitive American intelligence leaker Edward J. Snowden, it was up to Russia to decide what happens to him
Job Title Key To Inner Access Held By Leaker (New York Times) Intelligence officials refer to Edward J. Snowden's job as a National Security Agency contractor as ''systems administrator'' -- a bland name for the specialists who keep the computers humming. But his last job before leaking classified documents about N.S.A. surveillance, he told the news organization The Guardian, was actually ''infrastructure analyst''
Edward Snowden: The Geek Turned Deep Throat (SecurityWeek) Hunted as a US traitor and at the center of a diplomatic row, Edward Snowden got off to a less spectacular start in life: he is a self-confessed geek and high school dropout. Snowden, 30, came out of nowhere to trigger one of the biggest intelligence leaks in American history, triggering a furious standoff with Russia as he evades capture from a Moscow airport transit area
Bipartisan group of senators urges transparency on phone record surveillance (Washington Post) The senators are pressing Director of National Intelligence James R. Clapper to answer a series of questions, including how long the National Security Agency has used Section 215 authorities to engage in the bulk collection of Americans' records
Has global manhunt for Snowden turned into sideshow, sidelining debate over spying? (Washington Post) But the search for the former National Security Agency contractor who spilled government secrets has become something of a distracting sideshow, some say, overshadowing at least for now the important debate over the government's power to seize the
Who Helped Snowden Steal State Secrets? (Wall Street Journal) The preparations began before he took the job that landed him at the NSA. In March 2013, when Edward Snowden sought a job with Booz Allen Hamilton at a National Security Agency facility in Hawaii, he signed the requisite classified-information agreements and would have been made well aware of the law regarding communications intelligence
SCHEER: U.S. intelligence has many traitors (Rapid City Journal) What a disgrace. The U.S. government, cheered on by much of the media, launches an international manhunt to capture a young American whose crime is that he dared challenge the excess of state power
NSA Leak Vindicates AT&T Whistleblower (Wired) Today's revelations that the National Security Agency collected bulk data on the email traffic of millions of Americans provides startling evidence for the first time to support a whistleblower's longstanding claims that AT&T was forwarding global internet traffic to the
Secret US spy court lets Microsoft, Google reveal their petitions (The Register) We'll see their pleas to be ungagged, no actual gags will be dropped. America's most secret court will allow Google and Microsoft to reveal details of their legal battle to lift a gag order preventing them from disclosing how much data they give to spooks
GI's Trial In WikiLeaks Case Enters 5th Week (NewsOK.com) Prosecutors at the court-martial of an Army private at Fort Meade remain focused on the more than 250,000 State Department diplomatic cables he gave to the anti-secrecy group WikiLeaks
Man Disseminating Ghost RAT now under Custody of Taiwan's CIB (SPAMfighter News) According to researchers from Trend Micro, the Criminal Investigation Bureau of Taiwan recently detained a man thought to have been associated with cyber-assaults which utilized Ghost the infamous Remote Access Tool (RAT). Trend Micro, while helping
FBI Paid Off Wikileaks Insider To Be An Informant: Imagine If It Was The NY Times (TechDirt) People like to debate whether or not Wikileaks is or is not a "media property," but I can't see any definition of a media property under which Wikileaks would not fall. Yes, it publishes leaked documents, but so do many other media properties. Yes, it has a strong ideological viewpoint, but so do many other media properties. So it's rather stunning to read about the fact that a Wikileaks insider apparently spent some time as a paid informant for the FBI, handing over a variety of internet information on things happening within Wikileaks. Imagine if this was the NY Times or the Wall Street Journal, and it came out that an employee was getting paid by the FBI to reveal what those newspapers were working on. People would be up in arms, just like they were over the DOJ's spying on AP reporters and a Fox News reporter. Except, this wasn't just spying on a reporter, this was flat out paying off an insider to share internal information. That's incredible
Canadian cop claims he didn't know cyber-stalking was illegal (Naked Security) A Canadian police officer who pleaded guilty to planting spyware on his wife's BlackBerry has been sentenced to demotion, after two years' paid suspension
Alleged 'PayPal 14' Hackers Seek Deal To Stay Out Of Prison After Nearly 2 Years In Limbo (Huffington Post) Before he was charged in July 2011 with aiding the hacker group Anonymous, Josh Covelli lived what he considered the life of an ordinary 26-year-old. He spent countless hours on the Internet. He had a girlfriend. He was a student and employee at Devry University in Dayton, Ohio
Candid emails at S&P surface in case (FierceFinance) If recent history has shown anything when it comes to putting executives on trial, it's that email evidence isn't necessarily rock solid. These days, if prosecutors were to go to their supervisors with plans to go to trial with mainly email evidence, they might not get the green light